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Preface 



Nowadays, it is generally accepted that the aim of Applied Artificial Intelligence is to 
render computational a large portion of non- analytical human knowledge. To attain 
this end, we need first to build knowledge-level models of analysis and synthesis 
tasks in scientific and technical domains, such as those performed daily by human 
experts in fields such as medical diagnosis, design in civil or telecommunication 
engineering, architecture, flexible manufacturing, or tutoring. Then, these models 
have to be transformed in such a way that their entities and relations can be linked to 
the primitives of a programming language and, finally, produce a program and 
continue with the usual phases in software engineering (validation, evaluation, and 
maintenance). 

This purpose, that seems to be clear, has suffered since its origins in 1956, from a 
lack of methodology and foundations. That is, there has been an excessive hurry to 
develop applications {expert systems) without the technical and methodological 
support available to other engineering disciplines — those dealing with matter or 
energy — having been established. This is the reason why the advancement of 
Knowledge Engineering has not been as robust as expected. 

Fortunately, interest in methodology and foundations has grown in recent years, 
commencing by Clancey and Chandrasekaran’s proposals about generic tasks aiming 
at capturing recurrent abstractions in human knowledge modeling. Then, efforts have 
been made to build libraries of problem-solving methods to develop these tasks by 
decomposing them up to primitive level and completing these tasks and methods with 
ontologies and domain knowledge models together with a set of assumptions about 
implicit representations for each method and about the method’s assumptions which 
are implicit in each domain model. These three basic concepts — tasks, method, and 
domain — , along with the underlying pursuit of designing reusable components, have 
characterized most of methodological developments around KADS, CommonKADS, 
and PROTEGE, for instance. 

The scope and topics included in the Call for Papers of the Eleventh International 
Conference on Industrial and Engineering Applications of Artificial Intelligence and 
Expert Systems (IEA/AIE-98) were compiled within this spirit of concern about sound 
foundations and methodology, as well as with the explicit acknowledgment of the 
necessity of developing efficient procedures to make the models operational. As a 
result of this call, 291 contributed and invited papers were submitted from 41 
countries; the program committee selected 187 among them, after conscientiously 
considering the reviews provided by at least two referees per paper. We believe that 
the significant increase in the number of submitted papers, with respect to recent 
conferences, is a symptom of a maturing interest within the AI community towards 
fundamental issues relevant to well-founded and robust applications in the real world. 

We are pleased to present, as program chairs and editors of these two volumes, a 
final version of the accepted papers incorporating the reviewers’ comments. We have 
arranged their contents basically following the topic list included in the Call for 
Papers, adding some additional topics which received special attention as a result of 
being the subject of invited sessions. The first volume entitled Methodology and 
Tools in Knowledge-Based Systems, is divided into four main parts and includes the 
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contributions having a basic and methodological nature, along with those concerning 
knowledge modeling, formal tools, and generic tasks of analysis in applied AI. There 
are sections on fuzzy knowledge representation and inference, qualitative reasoning, 
evolutionary computing, and multiagent systems, among others. 

One of the most frequent deficiencies in the majority of methodological 
developments lies in ignoring the conclusive step about how to render the models 
operational with the final result of an implemented system. We believe that this fact 
accounts for a considerable lack of credibility towards AI among researches on the 
outside, who feel that it has failed in that it has not made enough inroads into real- 
world applications. Consequently, AI researchers are sometimes seen as just blowing 
smoke. It is still common to find journal articles that do not support claims on 
rigorous experimental evidence or that only show solutions to toy problems by way of 
validation. 

In the second volume, with the title Tasks and Methods in Applied Artificial 
Intelligence, we have included the contributions dealing with aspects that are more 
directly relevant to application development. These contributions are grouped into 
five parts: generic tasks of synthesis and modification, machine learning, applied AI 
and Knowledge-Based Systems in specific domains, and validation and evaluation 
criteria. 

The editors are also aware of the grand challenges for AI concerning artificial 
behavior for agents that have to deal with the real world through perception and motor 
actions. Nowadays, there is an enormous lack of balance between existing AI systems 
in some aspects of their competence. Whereas in some formal microworlds AI 
systems have reached the highest human level of competence — the recent success of 
chess-playing systems being a paradigmatic example — , or there are knowledge-based 
systems exhibiting human expert competence in narrow technical domains such as 
medical diagnosis, etc., few systems exist surpassing the competence of a cockroach, 
for instance, in moving around pursuing a goal in an unstructured world. This 
enormous distance between pure abstract intellectual tasks at one end, and those that 
involve sensorimotor interaction with the physical world at the other, calls for an 
emphasis on research on robotic agents. 

Since the current state of affairs is partly due to the Turing vision of a 
disembodied, abstract, symbol-processing intelligence, new proposals — such as those 
put forward by Harnad or Brooks — are worth consideration. Robotic capacities 
including the ability to see, grasp, manipulate, or move have been added to an 
extended version of the Turing test. The symbol grounding problem has been 
approached by the physical grounding hypothesis: grounding a system’s 

representations in the physical world via sensory devices with the result of emergent 
functionalities. Taking the biological paradigm seriously implies building on top of an 
integrated and distributed sensorimotor system, since the coordination of our 
movement is done mainly in an unconscious way, relying on perception without 
central processors coming into play. Neural networks have proven to be an adequate 
paradigm for approaching this kind of problem as well as others at the subsymbolic 
level. We believe that the connectionist and symbolic perspectives to AI should be 
taken as mutually supporting approaches to the same problems, rather than as 
competitive areas, as is often the case. Hybrid systems integrating both perspectives 
appear to be the right track to follow. 

This emphasis on perception and robotics has obtained a satisfactory response in 
terms of the number of submitted papers, as compared with previous conferences. 
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Consequently, a section on perception is included in Volume I, and in Volume II 
more than 20 papers can be found in sections devoted to perceptual robotics, robot 
motion planning, and neurofuzzy approaches to robot control. 

The papers included in this volume were presented at IEA/AIE-98 which was held 
in Benicassim, Castellon, Spain on June 1-4, 1998. The event was sponsored by the 
International Society of Applied Intelligence — which promotes this conference 
series — , Universidad Jaume I de Castellon — the hosting institution — and 
Universidad Nacional de Educacion a Distancia, in cooperation with several 
international associations such as AAAI, ACM/SIGART, ECCAI, and AEPIA, 
among others. Support for this event has been provided by Fundacio Caixa Castello- 
Bancaixa, Ministerio de Educacion y Ciencia, Fundacio Universitat Empresa of the 
Universidad Jaume I, and Silicon Graphics Computer Systems. 

We would like to express our sincere gratitude to the members of the organizing 
and program committees, to the reviewers, and to the organizers of invited sessions 
for their invaluable effort in helping with the preparation of this event. Thanks also to 
the invited speakers, Michael Brady and Bob J. Wielinga, with particular gratitude to 
Roberto Moreno-Diaz, for their original papers given as plenary lectures and 
appearing in this book. Thanks also to Moonis Ali, president of IS AI and IEA/AIE-98 
general chair, for his constant support. The collaboration of the Technical Committee 
on Robot Motion and Path Planning of the IEEE Robotics and Automation Society 
deserves a special mention, as well as Toshio Fukuda, president of this society, for his 
help in the review process. Also, thanks to Springer- Verlag and particularly to Alfred 
Hofmann for an already long and fruitful collaboration with us. We sincerely thank all 
authors for making the conference and this book possible with their contributions and 
participation. 

Finally, the editors would like to dedicate this book to the memory of Nuria Piera, 
who promoted research on qualitative reasoning across Spain and Europe and could 
not see by herself the success of her last organized session, since she had to move to 
her definitive dwelling. 

The theme for the 1998 conference was New Methodologies, Knowledge Modeling 
and Hybrid Techniques. Our focus has been on methodological aspects in the 
development of KBS’s, knowledge modeling, and hybrid techniques that integrate the 
symbolic and connectionist perspectives in AI applications. The global assessment of 
the contributions contained in these two volumes is reasonably positive. They give a 
representative sample of the current state of the art in the field of Applied Artificial 
Intelligence and Knowledge Engineering and they clearly illustrate which problems 
have already been solved or are on the way to being solved and which still present a 
challenge in the serious enterprise of making Applied Artificial Intelligence a science 
and an engineering discipline as unequivocal and robust as physics or matter and 
energy engineering. We hope that these volumes will contribute to a better 
understanding of these problems and to expedite the way to their solution for the 
well-being of humankind with the advent of the third millennium. 



Angel Pasqual del Pobil 
Jose Mira Mira 
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1. Introduction 

Two decades of knowledge engineering research have resulted in a wide range of 
methods and techniques for the acquisition, modelling, representation and use of 
knowledge (David, Krivine and Simmons, 1993; Schreiber et al., 1994a). The 
purpose of this enterprise was mainly to support the construction of knowledge-based 
systems (KBS) that can perform knowledge-intensive tasks such as diagnosis, 
configuration, assessment, planning and the like. The recent recognition of the 
essential role that knowledge plays in organisations and in modern society at large, 
has triggered questions about the wider applicability of knowledge engineering 
methods and techniques as a possible basis for a technology for the management, 
use, explication and creation of knowledge. Many companies possess large amounts 
of knowledge most of which resides in the heads of their employees or in documents 
and heterogeneous databases that are difficult to access with general queries. 
Scientific communities accumulate large amounts of knowledge and record that 
knowledge in scientific papers, reports and books. Finding the answer to a question 
in an organisation or in the scientific literature often resembles the search for the 
proverbial needle in the haystack. The World Wide Web contains enormous amounts 
of information and knowledge -Alta Vista reports over half a million pages that 
contain the term “knowledge”-, but finding the relevant pieces of knowledge can be a 
draconian task. 

The general goal of this paper is to assess the knowledge assets that we currently 
have and to explore how we can employ knowledge engineering technology to use 
the knowledge resources more effectively than we do today. In other words, the quest 
of the Knowledge Engineering community is to find ways of employing the full 
power of the knowledge that is ready at hand. 

After a brief impression of what the space of knowledge resources that we are talking 
about contains, we will review the assets of the knowledge engineering discipline 
and discuss some of the major issues in knowledge reuse in building knowledge- 
intensive applications. Subsequently we will attempt to formulate a number of 
problems that hamper the accessibility, use and reuse of large amounts of knowledge 
in a more general context. We will indicate some directions towards solutions of 
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these problems. Both Knowledge Engineering (KE) and Knowledge Management 
(KM) are concerned with modelling knowledge, albeit at different levels of detail. 
We will argue that the knowledge modelling methods, techniques and tools 
developed for KE can be applied to KM in a variety of ways. 

The term “ontology” will play a central role in this paper. To date this term is used 
in a variety of ways, varying from just a synonym for a knowledge base to the 
philosophical notion of “theory of being”. Initially we use the term “ontology” in a 
loose sense, meaning something like a “generic knowledge base”, later in the paper 
we will attempt to give a more precise definition of what an ontology is and what the 
benefits and the potential of ontologies are in the context of the general problem of 
knowledge sharing and reuse. 

2. The Knowledge Resources 

The amount of knowledge that mankind has documented over the last three 
millenniums is enormous and is growing at a non-linear rate. Our concern here is, 
however, the fact that knowledge in machine-readable form is becoming available to 
the average computer user at an even faster rate. Current Information and 
Communication Technologies (ICT) already put Giga bytes of textual and multi- 
medial information at the users’ disposal through a simple command or by inserting 
a CD-ROM. It is not unreasonable to expect that in the first decade of the next 
millennium Tera bytes of information can be called up at will. However, information 
only becomes knowledge when it can be interpreted and can subsequently be used by 
an agent to answer some question or to achieve some goal. To support that 
interpretation and use, knowledge technology requires some handles on the structure 
and meaning of the information. 

Hence, we will mainly restrict ourselves in this paper to sources of knowledge that 
have some internal structure that is computationally exploitable. Images, speech 
documents and free natural language documents will not be considered here. The 
knowledge resources that we will mention all have some (semi-) formal structure, 
albeit that this structure may not be imposed all the way down to the level of the 
detailed knowledge items. 

• Knowledge bases: many thousands of KBS have been built, many of 
these are proprietary or not accessible, some of them are public domain 
but unlikely to be reusable. 

• Specialised Ontologies: a number of ontologies and ontology libraries 
for specific domains are available. 

• General Ontologies: a number of general ontologies exist covering a 
broad range of common sense knowledge (Cyc, WordNet, 
EuroWordNet). 

• Thesauri: although thesauri are mainly intended for indexing and 
classification purposes, they also are a rich source of knowledge. Many 
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large thesauri and other classification systems are available (e.g. AAT, 
ULAN, TGN, MeSH, ICD96, LCSH). 

• Product Model Application Protocols (STEP): the STEP community is 
developing a large set of data models for product modelling (e.g. AP281 
for modelling ships). 

• Large Databases: for specific fields of science and technology large 
databases exist which not only contain data, but often also capture 
generic knowledge, albeit in forms that are not always easily accessible. 
For example GENBANK, a large data base of molecular biology data, 
also contains a large taxonomy of organisms. 

• Knowledge on the World Wide Web: The World Wide Web (WWW) 
contains many other forms of knowledge which are structured in some 
form or other. Recently various proposals have been made to annotate 
and structure information on the WWW using extensions of HTML 
(Benjamins and Fensel, 1998; Heflin et al. 1998) or XML (Bray et al. 
1998). 

An area that has not received much attention in the knowledge engineering 
community is knowledge represented in diagrammatic form. In many domains, 
especially technical and engineering domains, diagrams are an important means of 
documentation and hence a source of knowledge. Maintenance documentation of 
aircraft, for example, largely consists of annotated diagrams and schema’s. SGML 
versions of such documents are becoming available and should be considered a new 
challenging source of knowledge. 

3. The Assets of the Knowledge Engineering Discipline 

Knowledge engineering (KE) research has evolved in many respects since the early 
days of simple rule-based expert systems. A major advance has been the introduction 
of the “knowledge-level” in the mid-eighties. Newell introduced the “Knowledge 
level” as an implementation-independent level which allows a conceptual 
description of problem solving behaviour and knowledge structures to sustain that 
behaviour. The form of the knowledge nor its location are of relevance at the 
knowledge level. It does not matter whether the knowledge resides in the head of 
someone, is documented in a book, or is represented in an information system. 

A number of knowledge modelling methodologies have been developed based on the 
knowledge-level notion (Schreiber & Birmingham, 1996). Here, we briefly describe 
CommonKADS as a typical example of the knowledge modelling approach 
(Schreiber et al., 1994). 

A CommonKADS knowledge model contains a number of knowledge types. These 
knowledge types play different roles in problem solving. The knowledge model in 
knowledge engineering consists of five major knowledge types: tasks, methods, 
inference knowledge, domain-knowledge schema’s, and domain knowledge: 

A task specifies a goal in a functional way, indicating input/output of a task and 
logical dependencies between task I/O. An example task is diagnosis, in which the 
input is a complaint about system behaviour and the output is a fault category. 
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A method is a prescription for solving a certain (sub-)problem. Example methods are 
generate & test, propose & revise, etc. Methods come in fact in two varieties. A 
generic method is a method description that is independent of a particular task. A 
task method, on the other hand is a method that is applied to a particular task, One 
can see it as an instantiation of a generic method in which generic terms have been 
replaced by task-specific terms. 

Inference knowledge describes the basic inferences that we want to make in the 
domain. An inference operates on some input data and has the capability of 
producing a new piece of information as its output. Inferences operate over 
knowledge elements. These knowledge elements are described as dynamic knowledge 
roles (e.g. the input problem, intermediate results, the solution). In carrying out their 
operation inferences also make use of knowledge elements that are not effected by 
the operation. These knowledge elements are described as static knowledge roles 
A domain-knowledge schema is a schematic description of the structure of the 
domain knowledge used to solve a problem. A domain-knowledge schema has a 
similar function as a data model in traditional software engineering, but it is more 
complex due to the meta-character of knowledge (“knowledge about knowledge”). 
The term “ontology” is often used as a synonym for domain-knowledge schema. 
Domain knowledge is the collection of concepts, relations and facts that are used by 
the inferences. 

For each of these knowledge types modelling languages and notations, both formal 
and informal, have been developed (Fensel and van Harmelen, 1994). Within the 
framework of the CommonKADS methodology a modelling language (CML, 
Schreiber et al., 1994b) has been developed which allows the semi-formal description 
of a knowledge model. CML has been extensively used to describe large ontologies 
for a number of technical domains (Schreiber et al., 1995). A special mapping 
mechanism in CML allows the construction of layered ontologies in which higher 
layer elements represent more abstract knowledge types. 

Knowledge engineering can be a laborious process. Therefore, much attention has 
been devoted in KE research to techniques for knowledge reuse. Both tasks, methods 
as well as domain-knowledge schema’s can be reused, although the nature of reuse 
varies. 

For problem-solving tasks, a task typology has been developed based on 
characteristics of the problem the tasks are set out to solve. Example task types are 
diagnosis, design, configuration and scheduling. The task types are partially ordered 
in a type hierarchy, e.g. configuration is a sub-type of design. The actual tasks in the 
application task (sometimes called the “real-life tasks”), however, rarely correspond 
to one single task type. Typically, an application task requires a combination of task 
types. For particular task types, the knowledge engineering community has created 
libraries of methods, such as the CommonKADS library (Breuker and Van de Velde, 
1994) in which a large collection of methods is listed. 

With respect to reuse of a domain-knowledge schema, the situation is more 
complicated. It is an empirical fact that the structure of domain knowledge is 
partially determined by the way it is used in the problem-solving process (“the 
relative interaction principle”). This dependency hampers reuse, because it means 
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that schema reuse depends on the task and/or method context for which it was first 
developed. However, experiments have shown that it is possible to define schema’s at 
different levels of specificity and connect these through partial mappings. This 
levelling of domain-knowledge schema’s can be used to identify different domain- 
knowledge types with different “reusability status”. Currently, we consider six levels 
of schema specification: 

An application schema is the most specific domain-knowledge schema. It contains 
precisely those domain-knowledge types that are required by a certain application. 

A method-specific schema introduces the representation required by a certain 
(subset of) methods. For example, a causal-covering method requires a causal- 
network representation. 

A task-specific schema contains those conceptualisations that are inherent to a task. 
For example, in a design task the notions of component and constraint need always 
to be present. 

A domain-specific schema describes the conceptualisations in a domain that are 
independent of the task and/or method employed. For example, we can have a 
structural description of a device that is both used in design and in diagnosis. 

An inter-domain schema generalises over domains and provides generic descriptions 
that can be found in classes of domains. For example, in technical domains within 
the process industry, reusable domain-knowledge types can be identified. 

A generic schema describes a number of definitions that are supposed to be more or 
less universally true. Generic schema’s resemble Aristotelian categories. The main 
difference is that in KE research no claim is made about the completeness of these 
schema’s. Their purpose is more pragmatic than philosophical: the schema should 
help in making as much as possible reuse of previous experience in knowledge 
specification. 

Recently some efforts have been made to create libraries of schema definitions. The 
schema types in these libraries vary. For example, the KACTUS project (Schreiber et 
al., 1995) focused on the last three types of ontologies. In the Sisyphus project 
(Schreiber and Birmingham, 1996), the identification of the differences between 
task-specific and method-specific ontologies has been studied. 

In addition to schema reuse, domain-knowledge schema’ s can also be used to support 
(semi-automatic) translation (mapping) of domain-knowledge instances of one 
schema into a instances of another the scheme. 

In summary the assets created by two decades of KE research are: 

• The knowledge level 

• Separation of different knowledge types 

• Relative interaction principle and the notion of knowledge roles 

• A set of semi-formal and formal knowledge level modelling languages 

• Ontologies as classification and description vehicles 

• Ontologies as a tower of descriptive meta-levels and as mediator between 
knowledge sources 

• Libraries of Problem Solving Methods. 
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Knowledge engineering methodologies such as CommonKADS have matured and 
are increasingly being applied in industrial contexts. It is the more remarkable that 
so few software tools exist on the market to support these methodologies. Several 
large EU funded projects have constructed prototype tool kits and workbenches for 
knowledge acquisition, knowledge analysis and KBS design. Very few of these 
prototypes have led to commercial tools, PCPACK being one of the few exceptions. It 
appears to be difficult to design usable tools to support the knowledge engineering 
process. One of the reasons for this may be that the principles underlying the 
organisation of large amounts of knowledge are not understood well enough. 

4. Multiple Views on Knowledge 

One of the central problems in knowledge modelling and information engineering in 
general has been the representation of multiple viewpoints on the objects that must 
be represented. Data modeling essentially takes a single-level view of the world. The 
data model describes in a schematic way the “objects” or “instances” that are of 
interest. For example, a data model for a database of oil platform components would 
contain types such as “heat exchanger” together with related attributes and 
relations/associations. Instances of this type are particular heat exchangers. Although 
subclass hierarchies can be used to define more abstract properties of a “heat 
exchanger”, data modelling typically allows only one possible interpretation of “heat 
exchanger”. 
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Fig. 1. Different viewpoints on a “heat exchanger” 

However, if one wants to reuse a notion like “heat exchanger”, it quickly becomes 
clear that this term can have different meanings in different contexts (see figure 1). 
For example, from an oil-platform design perspective the physical properties will be 
the main emphasis: physical dimensions, types of connections, etc. In a diagnostic 
setting functional properties such as the difference in temperature between the 
different inputs and outputs are likely to be the prime focus of attention. For dynamic 
simulation applications, behavioral properties such as mathematical properties of the 
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heat exchange process would need to be modeled in association with “heat 
exchanger”. 

It is safe to say that reuse of complex, knowledge-intensive data is impossible 
without taking these different viewpoints into account. This means that we want to 
be able to look at a data type like "heat exchanger” in different ways. This idea is 
partially present in the ANSI/SPARC architecture of databases. The ANSI/SPARC 
external views can be used to some extent for the representation of the different 
viewpoints, such as those on a “heat exchanger”. The main limitation is that the 
viewpoints themselves do not add new information: all basic information is already 
present in the conceptual schema. This is not the case in most realistic situations: 
each viewpoint on an object adds its own context-specific information items, and 
there is not one universal unified representation for all the viewpoints. Such a unified 
representation is impossible because the number of viewpoints one can take is in 
practice unlimited. In other words, objects like "heat exchanger” can be used in so 
many different contexts that it is impossible to develop in advance a complete, 
unified description of a "heat exchanger” that will prove to be sufficient for every 
possible situation. 

This observation about viewpoints on real-world objects has led to the following 
major principle for domain-knowledge modelling: 

Principle 1: The representation of real-world objects always depends on 
the context in which the object is used. This context can be seen as a 
"Viewpoint' ' taken on the object. It is usually impossible to enumerate in 
advance all the possible useful viewpoints on (a class of) objects. 

This principle has important consequences for an approach to reusing knowledge- 
intensive information items. It means that it is not feasible to strive for one unified 
representation, that can be used in multiple application settings. Typically, one 
would expect that application descriptions can be partially reused in another setting, 
namely exactly those descriptions that share a common viewpoint. For example, in 
the electrical network domain, the functional model of the network built for a 
diagnostic application might also be useful for a service recovery application, 
whereas some other knowledge items are likely to be application-specific for a 
diagnostic context. 

It should have become clear by now that the key to reuse lies in explicating the 
underlying viewpoints of a representation. This can be seen as the second principle 
underlying domain-knowledge modelling: 

Principle 2: Reuse of some piece of knowledge requires an explicit 
description of the viewpoints that are inherently present in this knowledge. 
Otherwise, there is no way of knowing whether, and why this piece of 
knowledge is applicable in a new application setting. 
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For arriving at such an explicit description of viewpoints, the notion of “ontology” is 
introduced. 

4.1 Ontologies 

We use the notion of ontologies as a vehicle for describing the underlying structure 
of pieces of knowledge. One can see ontologies as a natural next step in the 
increasing complexity of data models. There is no hard borderline between complex 
semantically-rich data models and ontologies. Ontologies specify what is called a 
“conceptualisation”: a way to view the world (Gruber, 1993). Every ontology thus 
incorporates a particular viewpoint. An ontology contains definitions that provide us 
with a vocabulary to talk about a domain of discourse. What these definitions look 
like depends on the language that we have chosen to represent ontological 
definitions. 

Two features are typical of ontologies: the fact that there can be multiple ontologies 
(= viewpoints) on the same domain, and the fact that we can identify generalisation 
dimensions of ontologies. We discuss both features in more detail. 

Multiple ontologies 

Assume we have some artefact such as a ship. One can define multiple viewpoints on 
a ship. Well-known examples of such viewpoints are the physical structure (“what 
are the parts of a ship?”) and the functional structure (“how can a ship be 
decomposed in terms of functional properties?”). Although these two viewpoints 
often partially overlap, they constitute two distinct ways of “looking” at a ship. The 
purpose of an ontology is to make those viewpoints explicit. For a design application, 
such as a CAD application, one would typically need a combined physical/functional 
viewpoint: a combination of two ontologies. For a simulation application (e.g. 
modelling the behaviour of a ship) one would need an additional behavioural 
viewpoint. Many other viewpoints exist such as the process type in the artefact (heat, 
flow, energy, ...). Each ontology introduces a number of specific 
""conceptualisations”, that allow an application developer to describe, for example, a 
heat exchange process. 

Levels of ontologies 

Ontologies are not just a flat set of descriptions of conceptualisations. Typically, one 
can identify several levels of abstractions on which ontologies can be defined. For 
example, in an electrical network domain we could have a set of ontologies of an 
electrical network in the Basque country in Spain, describing how the various sub- 
stations and their sub-parts together make up a network. We can first try to 
generalise from this ""Basque” ontology, and try to come up with ontologies for 
electrical networks in general. A second generalisation step would be to define for 
those ontologies describing electrical processes in the network a general ontology for 
electricity processes, independent of whether it is a electrical network or some other 
artefact in which the process takes place. Yet another level up, we can think about 
general categories of knowledge structures. What are the general characteristics of 
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things that we can structurally divide up in parts? Or of connections between 
components? 
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Fig. 2. Generalisation dimensions of ontologies 



Figure 2 shows this generalisation dimension in the vertical direction. A second 
dimension concerns the degree in which an ontology is specific for an application, a 
problem solving method, a task or is independent of the way in which will be used. 



4.2 Reuse and Interoperability of Knowledge Bases 

One feature of the ontology approach is that it provides a principled way for 
supporting interoperability of applications through exchange of knowledge or 
complex (semantically rich) data. This type of interoperability is shown 
schematically in figure 3. If one can assume that two applications share the same 
ontology (which is typically a sub-part of the overall application ontology of an 
application), then the two applications can exchange information that is based on 
this shared ontology. The exchange procedures can be very simple or elaborate, 
depending on the differences in implementation-specific representation choices, but 
the application developer can be sure that information exchange is always technically 
feasible. A number of examples of exchange based on shared ontologies exist. For 
example, in the Sisyphus- VT experiment (Schreiber and Birmingham, 96a) several 
contributors were able to reuse an existing knowledge base of elevator components 
and constraints in their application, even if their application was written in an 
entirely different implementation language. Typically, each application added its 
own application-specific conceptualisations, based on the different ways in which the 
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design task was realised. Ontologies served the role of explicating which parts of an 
application knowledge base can be shared, and which parts cannot. 




Fig. 3. Sharing an ontology and exchanging data 

In a ship-design domain this “shared ontology” approach was used to enable the 
exchange of ship-design data between the ship designers and the ship assessors, 
although designers and assessors have quite different ways of looking at a ship 
design. In another application a shared ontology of an electrical network was 
employed to reuse a network knowledge-base in a new application. In this latter 
application the reuse enabled the developers to construct a fully functioning 
prototype system within one week (see Laresgoiti, 96 for details). 

5. Ontologies in a Wider Perspective 

Although ontologies and problem solving methods provide a good basis for reuse of 
knowledge over individual KBS applications, a more general form of reuse and 
sharing of existing knowledge remains remarkably difficult. Even if the relevant 
knowledge to solve a problem or to answer a question can be found, it is more often 
than not in a form that is unsuited for direct use. There are many different reasons 
for this. 

• The knowledge is represented in the wrong language or vocabulary. 

• The knowledge is represented from another viewpoint than the one 
required. 

• The knowledge is represented at a different level of generality than is 
required. 

• The knowledge provider has made a number of implicit assumptions 
about the use of the knowledge. 

• Multiple heterogeneous sources of knowledge need to be combined and 
integrated in order to solve a problem. 

Ontologies and comparable representational vehicles have been proposed and are 
being employed as a potential solution to these and similar problems. In the 
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knowledge engineering community the notion of ontology is usually viewed as a 
meta-level knowledge base that captures some generic aspects of the knowledge in 
the domain. In other sub-disciplines of Information Science- to be understood as the 
general science of the nature of information and its use- other terms are used for 
similar notions. The STEP community is developing standardised product models 
(“Application Protocols”) to capture generic knowledge about a domain such as 
ships. The database world uses the term meta-data, thus emphasising the meta-level 
character of ontologies. The library sciences heavily rely on the notion of thesaurus 
as a vehicle to classify the concepts in an area of interest. In other fields of science, 
technology and the humanities we see the use of taxonomies, standardised glossaries 
and controlled lists of terms as a means to control the language used for 
classification and indexing. Last but not least. Philosophy has been concerned with 
ontology as the theory of distinctions among the entities in the world: the categories 
of being. All of these approaches have a number of dimensions in common, but differ 
widely in the approach along those dimensions. 

Representation language: Natural language is clearly not precise enough to 
represent ontologies. The Knowledge Engineering community uses a variety of 
formal and semi-formal representational languages such as Ontolingua (Gruber, 
1993), CML (Schreiber et al., 1994; Schreiber et al. 1998). The STEP community 
uses a data modelling language EXPRESS. The data base world is working towards 
UML as a standard language for semantic data modelling. The library sciences use 
standardised record structures for representing thesauri. The use of these diverse 
representational languages clearly makes knowledge reuse and knowledge sharing 
difficult. One possible approach towards solving this problem is to standardise on 
one single language. The KACTUS project (1996) has considered this option and 
rejected it. Each language has its own merits and application potential. Ontolingua is 
good for formal modelling, CML is suitable for semi-formal representation, 
EXPRESS has some disadvantages from a knowledge modelling point of view, but 
interfaces well with other engineering applications. The solution pursued in 
KACTUS was to provide partial translations between languages. For example, the 
STEP model of a ship (AP218) used in a CAD environment, was translated into a 
CML based representation used in an assessment application. In a similar vein, the 
GRASP (1996) project uses a translation of the Art and Architecture Thesaurus 
(Getty, 1996) into structures which are amenable to inference, as the core of a 
knowledge base for indexing stolen art objects. 

Representational ontology and constraints: In addition to the representation 

language, the representational constructs from which an ontology is built have to be 
defined. The Ontolingua approach provides a. frame ontology that defines a number 
of well understood knowledge representation primitives. UML and CML, which can 
be considered an extension of UML, provide a rich vocabulary for representing 
concepts (objects) and various types of relations. EXPRESS provides a number of 
constructs that are somewhat more primitive than those in modern knowledge 
engineering languages. The ISO standard for the representation of thesauri only 
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allows concept definitions in terms of simple attributes and a strict hierarchical sub- 
super type relation. Linguistically oriented constructs such as synonym and antinym 
relations, are used in (Euro) WordNet. As was argued in the case of representation 
language, standardisation on one representational ontology is unfeasible and 
probably even undesired since our representational vocabulary will change and 
continue to become richer over the years. What is important however, is that a set of 
standard mappings between the various constructs becomes available. Examples of 
such mappings have been constructed in a number of cases, but general principles for 
mappings between representational constructs are still very much a subject of 
research. 

Object versus meta-level: The original notion of ontology was intended to be used 
for theories at the meta-level: theories that describe what the distinctions and 
structures are that are used in constructing a knowledge base at the object level. This 
meta-level character has suffered some inflation since the term ontology is often used 
for the actual knowledge base of a certain domain. This ambiguity can be understood 
when we consider knowledge not at just two levels (object and meta) but at multiple 
levels that all have an object-meta relation between them. Consider for example a 
taxonomy of organisms as it is used in GENBANK. This taxonomy is a hierarchy of 
types of organisms and as such it describes the classification structure of the 
genomic data stored in the database. As such it could be considered to be an 
ontology. However, if we would construct an ontology that describes how biological 
taxonomies are constructed in terms of concepts like “kingdom”, “species” etc, the 
taxonomy would be the object level knowledge base and the ontology of taxonomic 
layers would be the meta-level (see Figure 4). In a similar way, thesauri used for 
indexing books or art objects, can be viewed as meta-level descriptions of the objects 
that are classified with the thesauri. From a knowledge engineering perspective, such 
thesauri are just knowledge bases about a certain domain. What is an ontology at one 
level, can be viewed as a knowledge base at another level. Current practice in 
ontology construction does not always make a clear distinction along the object-meta 
level dimension. Clarifying this dimension and making the object-mata relation 
explicit would enhance the interoperability and reusability of ontologies and 
knowledge bases. 
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Fig. 4. Ontologies at meta and object level 



Hierarchical structure of concepts: Most ontologies and similar vehicles use a 
hierarchy or taxonomy of concepts as the backbone of their structure. However, the 
way in which such a hierarchy should be organised is a matter of much debate. 
Fridman-Noy and Hafner (1997) discuss the top-level hierarchies of ten different 
ontologies. There appears to be little or no correspondence between these top-level 
structures. However, some of the distinctive categories -such as abstract versus 
concrete, or tangible versus intangible- occur in many of the ontologies albeit in 
different levels in the hierarchy. This lack of consensus on a top-level ontology poses 
a serious problem for knowledge reuse and interoperability. The cause of the 
disagreement lies in our opinion in the different viewpoints that the various ontology 
constructors adhere to and in the fact that these viewpoints remain implicit. As we 
have argued above, fixing one or more viewpoints on a domain is virtually 
impossible, hence we should not strive for one fixed hierarchical structure that we all 
agree upon. 

A possible solution direction is to make the viewpoints that underlie a hierarchy of 
domain concepts explicit and focus on the construction process rather than on the 
result itself In the KACTUS project this line of thought was explored by 
distinguishing different types of ontologies: primary ontologies and secondary 
ontologies. Primary ontologies represent knowledge about concrete or abstract 
entities in the world according to a particular set of viewpoints. Secondary ontologies 
represent knowledge about the viewpoints and distinctions we can impose on the 
world. As an example consider the viewpoints physical, functional and behavioural 
that we discussed before in the context of viewpoints on devices such as a heat 
exchanger. Applying these viewpoints to the notion of “entity” in a primary ontology 
would result in a top-level hierarchy as shown in the left branch of figure 5. 
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Fig. 5. Applying viewpoints to “entity” 



Figure 6 shows a hierarchy of devices used in the process industry generated through 
the application of a number of viewpoints: functional, process, domain of operation 
(thermal energy, fluids, electricity). The advantage of this explicit application of 
viewpoints is that we can always trace back the process of the hierarchy construction 
and we can map concepts from different hierarchies onto each other. A similar 
technique is sometimes used in thesauri through the incorporation of “guide nodes”. 
The AAT (Getty, 1996) for example often inserts intermediate nodes which describe 
what differentiating property was used to generate the sub tree (see Figure 3). 
Another interesting variant of the principle of explicating the differentiating 
dimensions is used in the top-level ontology of Euro WordNET (Rodriquez et al., 
1998). Here a selected set of concepts is characterised on a fixed set of semantic 
properties such as origin, function, form. This allows to determine the general 
semantic class that a concepts in a certain part of the hierarchy belong to. 
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Fig. 6. A taxonomy of devices generated by various viewpoints 



The general principle that underlies these approaches is to make the semantic 
distinctions that were used in construction of a hierarchy explicit part of the 
ontology, thus enabling a better analysis of what the context of a piece of knowledge 



6. Knowledge Management 

With large amounts of knowledge becoming available in more or less explicit form, 
the management of this knowledge comes into focus. The current trend to view 
Knowledge Management largely in an organisational context does not do justice to 
the fact that the shear size of the knowledge that mankind as a whole possesses needs 
some form of management itself. It is an important challenge for the research 
communities concerned with knowledge and its description, to contribute to the 
knowledge management area. We define Knowledge Management as the collection 
of those processes that describe and administrate the knowledge assets of an 
organisation or community and that guide the conservation and enlargement of those 
assets. Like Knowledge Engineering, Knowledge Management is thus concerned 
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with modelling of knowledge and knowledge-intensive processes. However the 
practical means for effective Knowledge Management are scarce, if available at all. 

The processes that constitute the Knowledge Management activity itself can be 
viewed as knowledge-intensive problem solving tasks. Knowledge is not only the 
object of Knowledge Management, but Knowledge Management itself requires 
knowledge of ways to describe knowledge, to develop knowledge and to maintain 
knowledge. Again this meta-object nature causes problems in understanding what 
exactly is being managed. As long as this difficulty exists it is hard to develop 
methods and techniques for Knowledge Management. In addition, methods for 
operating on knowledge (explicating, developing, combining, distributing, 
validating, consolidating) knowledge are as yet not very well understood. We will 
argue that the Knowledge Engineering discipline can provide some ingredients from 
which Knowledge Management methods and tools can be built, if they are combined 
with results of efforts in Information Sciences. 

A first, and most important lesson that can be learned from KE is that the 
Knowledge Level is the right level to describe knowledge. Although aspects such as 
accessibility, learnability and usability of knowledge are important properties of 
knowledge in a KM context that may depend to some extent on symbol level 
properties, the most important aspect of knowledge in KM is its content and not its 
representation or implementation. 

The grain size used for describing knowledge in KM can vary according to the scope 
and goals of the management activities, but will no doubt be larger than the grain 
size used for KE. In KM one typically uses notions of collections of concepts, facts, 
rules, procedures etc. rather than the individual knowledge elements. The classic KE 
distinction between knowledge about a task and domain knowledge used to perform 
that task is also a useful one for KM. In addition to the description of the content of 
knowledge, it is important to know where the knowledge resides, what its availability 
is and how it will involve in time (Gardner, 1995). Although designed for modelling 
knowledge at a low grain size, modelling languages like CML (Schreiber et al. 1994) 
are well suited for the representation of knowledge for KM. 

Problem Solving Methods have their pendant in KM as methods for developing, 
combining, distributing and consolidating knowledge. It would be interesting to 
investigate whether a library of such models can be constructed in a similar vein as 
the KE community has constructed libraries of problem solving methods. 

Ontologies can play a role in KM at different levels. At the lowest level -the object 
level- they play an important role as schemata for representation and indexing of 
information. For example, an ontology of materials and techniques for painting can 
be used as an index of a library of scientific papers. Thus, ontologies at the object 
level support the accessibility of knowledge. In many domains such ontologies or 
thesauri exist or are being constructed, often by researchers with an Information 
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Science background. The techniques and tools developed for KE can provide support 
for this construction process. 

At a second level an ontology can help the knowledge manager to model the business 
processes in an organisation. One can envisage libraries of models of processes, 
functions and roles in various types of organisations. Similar to reference models 
used for the construction of classical information systems, such a library can greatly 
enhance the effectiveness of the KM process. 

At a third level, we envisage an ontology of knowledge management concepts and 
tasks. The current literature on KM uses a rather heterogeneous vocabulary. This is 
not surprising, since the study of knowledge at a higher level of aggregation than 
sentences or facts, has been largely informal. Whereas KE can build upon the formal 
terminology and theories of logic and Artificial Intelligence, KM has to resort to 
informal notions in natural language with terminological ambiguity as a result. As 
an example consider the terminology for knowledge collections at different level of 
detail - the “knowledge span” dimension as Wiig (1993) calls it. 



Knowledge span (Wiig) 


KE terminologj 


Example 


(no term) 


knowledge field 


Medicine 


knowledge domain 


knowledge region 


Internal Medicine 


knowledge region 


knowledge section 


Endocrinology 


knowledge section 


knowledge domain 


Growing Disorders 


(no term) 


knowledge structure 


Taxonomy of diseases 


knowledge segment 


task knowledge 


Diagnosis of growing 
diseases 



Table 1 



Table 1 shows the terminology for knowledge areas as used by Wiig compared to the 
terminology used in KE (Abu-Hanna, 1993). We are not arguing in favour of one or 
the other set of terms, but we want to illustrate the lack of agreed upon terminology. 
An ontology in which categories and concepts of knowledge at the aggregation level 
that is required for KM, could alleviate this problem. Such an ontology would be the 
starting point for theories and methodologies for KM. 

7. Conclusions 

Various fields of information science dealing with knowledge face the fundamental 
problem of imposing structure upon the enormous collection of knowledge items that 
is already available. Twenty years of knowledge engineering practice has taught us 
that knowledge is only useful if it is known what its context and scope is and what 
viewpoint it represents. We have argued in this paper that it is of crucial importance 
to characterise knowledge explicitly along a number of dimensions: 
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• Level of generality: is the knowledge at the top-level, generic, domain 
specific or application specific?. 

• Task specificity: to what extend is the knowledge specific for a class of 
tasks or problem solving method, and if so what tasks and methods are 
supported?. 

• Scope: what type of knowledge area does the knowledge belong (a field, 
a domain, a region)? 

• Coverage: how well does the knowledge cover the area? 

• Content area: to what content area does the knowledge belong (e.g. 
medical, oil production, art and antiques)? 

• Viewpoint: what viewpoints are represented in the knowledge structures 
(e.g. technical, geometrical). 

• Assumptions: what assumptions underlie the knowledge (e.g. time 
independence). 

• Links: what links to other knowledge are there (e.g. a meta-object 
relation, multiple viewpoints relation)? 

• Rigour: to what extend is the knowledge include a “full” axiomatization 

• Representational commitments: what are the basic representational 
constructs from which an ontology or knowledge base is built. 



Without such characterisations reuse, knowledge sharing and interoperability is 
difficult to achieve. A crucial problem is whether a unified ontology for these 
dimensions can be constructed and whether a consensus can be achieved about such 
an ontology. Once such a consensus is achieved we can start to develop mappings 
between knowledge bases and ontologies with different characterisation and 
ultimately work towards integration of knowledge from various sources. An 
important problem related to that of characterising knowledge, concerns the 
principles for organising knowledge in structures of a higher grain size than 
concepts, relations and axioms. Terms like module, theory, model, taxonomy are 
used in a variety of ways. Describing and reasoning about knowledge at a higher 
level of aggregation requires a new formal vocabulary and new theoretical 
frameworks. A systematic development of such terminology and its formalisation 
should be high on the research agenda. 

These problems bring the knowledge engineering and the knowledge management 
community together. Knowledge sharing an reuse can only be achieved when 
knowledge repositories are annotated with and structured according to a consistent 
set of knowledge characterisations. Knowledge management is concerned with the 
mapping of these characterisations within an organisational context and with the 
measures that influence that mapping. Knowledge engineering should be concerned 
with the ways in which knowledge items can be described by such characterisations, 
what types of knowledge can be used in what context, what constraints a particular 
characterisation entails and how knowledge with different characteristics can be 
mapped and integrated. Other branches of Information Science are concerned with 
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similar issues and are developing their own solutions. The time has come to join 
forces and to attempt to establish a common framework to organise our knowledge in 
the digital age to come. 
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Abstract. CommonKADS methodology for the analysis of human expertise 
and the development of knowledge based systems yields as a result a library of 
generic tasks and problem solving methods (PSM’s), to be used as components 
of a conceptual model; later on the corresponding formal and design models 
have to be made. Currently, given the conceptual model, a complete description 
that explains how we can obtain the program code is not available yet, though 
important efforts have been made in order to describe such transitions. Besides, 
an immediate question is how much these descriptions depend on the generic 
task. 

Our conjeture in this article is that in addition to the libraries of generic 
tasks and PSM’s, there is an underlying structure indeed, a common structure 
for most of these tasks, at least for the diagnosis and planning tasks. In these 
cases, we can describe a constructive method for obtaining the operational code 
for the task and the associated PSM. That is, if we describe the generic task in a 
suitable way, in terms of natural language, we can establish relationships 
between this description and some structure we can represent by means of 
hierarchic graphs. Since we can also establish relationships between the 
program code and such graphs and both relationships are constant and 
reversible, we can always use this method to obtain the program code, given the 
generic task and inversely, to obtain the graph and the model at the knowledge 
level from the code. 



1 Introduction 

In his influential paper on the knowledge level, Allen Newell said [9]: ’’Each 
[computational] level is defined in two ways. First, it can be defined autonomously... 
Second, each level can be reduced to the level below... Each aspect of a level... can be 
defined in terms of systems at a level below... Some intrincate relations exist between 
and within levels, any instantiation of a level can be used to create any instantiation of 
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the next higher level". This describes very well the situation, when we try to compute: 
we have the knowledge on our problem and we have to reduce it to the program code. 
Later on, we have to retrieve the knowledge when we obtain the computational results, 
and we have to beware of making mistakes when we instantiate the upper level by 
using the lower level instance [6]. 

The question is: how do we find the reduction road in every case? And the 
immediate sub-question is: do we have to find it again in every new case? Some trends 
broach the problem by modelling the knowledge level by means of generic task 
structures, based on a generic tasks library: any problem we try to compute could be 
described in terms of more simple problems to solve, in terms of a structure of generic 
tasks and associated problem-solving-methods (PSM’s). There have been two main 
investigations on generic tasks: Chandrasekaran's works [3] and KADS [15, 12] and 
CommonKADS [11] methodologies. 

According to KADS, as a result of the analysis of the problem that we have to 
compute, we obtain the expertise model, that consists of two main models: the domain 
knowledge model and the generic task model. However, the problem we aim remains: 
there is not any explicit procedure that make us able to build the program given these 
knowledge level models. The same can be said about CommonKADS and the more 
recent efforts concerning the development of libraries of generic tasks and reusable 
problem-solving-methods with explicit ontologies [2]: the transitions between 
conceptual, and formal models and the final program code are still an open problem. 

In this paper we are going to see that it is possible to describe a procedure to reduce 
the knowledge level to the level below, that is, to describe a procedure to obtain 
program code from the knowledge level models of a generic task and a method, with 
the corresponding assumptions concerning the model of the domain knowledge and the 
knowledge acquisition strategies associated to the PSM. We shall need a suitable 
natural language description for the knowledge level model and we shall lean on some 
specific structure, represented by hierarchic graphs. Then we must find relationships 
between this structure and the knowledge level description, and on the other side, 
between the structure and the symbol level elements, i.e. the programming code. 

The rest of this article is structured as follows. In section 2 we present a description 
of the hierarchic graphs. Then, in section 3 we study the case of protocols as design 
plans. First, the task is described in natural language. After this, the correspondence 
with a hierarchical graph is establised and finally the graph is interpreted en terms of a 
programming language. Thus, the reduction process is completed. 

In section 4 we repeat the method for an analysis task (the hierarchical 
classification in the Chandrasekaran’s sense). We start again giving precision and 
content to the entities of the domain of interest and the selected PSM (establish and 
refine), explaining their meaning at the knowledge level and then proposing a 
computational description, via the graphs of section 2, which again provide an 
unequivocal link to the symbol level. 

The article ends with a reflection on the long term conjecture underlying our work. 
Namely, that similar descriptions can be found for many other generic tasks and 
PSM’s, because the graph structure of section 2 is invariant, provided some restrictions 
in the knowledge elicitation process. 
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2 Hierarchic Graphs 

Figure 1 is an instance of a hierarchic graph. A graph [5, 10, 16] is hierarchic if it is 
connected, directed, finite, perhaps with some cycles, and there is always a node (the 
starting node) whose descent is the rest of the nodes (and maybe itself). We use some 
symbols to represent the elements of the graph: the graph itself by Pj^ , the nodes by Sj , 
the arcs by Aj and something associated with every node by M- . 

Graph 




Fig 1. Hierarchic graph instance 

We consider these symbols are sets whose elements describe the graph. So we can 
say there is a set D of descriptions, such as 

D=PuAuSuM 

that is, there are sets like Dj^ g pD), and we consider (i.e. we interpret) their elements 
e i>k are propositions that describe the graph. But, in order to describe the graph 
completely, we relate a node Sj to its successors by means of O recursively: 

O ( Si u ?k , n ) = Sg u Pk 

where n is an integer that expresses some order in the successors, and Sg is a successor 
of Sj . We also relate a node Sj and an arc that start at the node Sj and points to the 
successor Sg , by defining F: 

r ( Si u Pk , n ) = S| u Pk U Ag 

and we also relate these to the succesor Sg of the node Sj by defining cp : 

9 ( Si u Pfc u Ag ) = Sg u Pfc . 



Therefore 
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O ( Sj u Pk , n ) = (p( r ( Sj u Pk , n ) ). 

Finally, for every node Sj , we define |li, like this: 

n ( Sj u Pjf ) = Mj u Pk . 

It is also easy to see we can obtain a more complex graph where there is more than 
one starting node, simply by joining several hierarchic graphs [7]. If we join two given 
hierarchic graphs, Pj^ and Pq , some nodes belonging to Pj^ have now successors 
belonging to Pg or vice versa; for instance if Sj belongs to graph Pj^ and Sj. belongs to 
graph Pq , and by joining these two graphs Sj. becomes a successor of Sj , then 

O ( Sj u Pj^ , n ) = Sr u Pq 

r ( S| u P|^ , n ) = Sj u Pj^ u Aj. 

(p ( Si u Pfc u Ar ) = Sj. u Pq . 

The same applies for every junction in the more complex graph. 

In terms of generic task, nodes represent domain knowledge, and arcs permitted 
inferences. Domain knowledge and inferences knowledge are components of expertise 
model as we can find them traditionally described [12] as well as in more recent issues 
[14], as components of conceptual model. Besides, we need a third component: 
computational flow, procedural knowledge or the generic task itself. 

First, in order to obtain a more simple expression for that third component, it is 
easy to see that we can rewrite the previous expressions in the following terms 

h( Mi u Pk , n ) = Ms u Pk 

g( Mi u Pk , n ) = Mi u Pk u As 

f( Mj u Pk u Ag ) = Mg u Pk 

so that 



h(MiuPk,n) = f(g(MiuPk,n)). 

These expressions are analogous to the previous ones, but we refer to M instead 
ofS. 

Now, computation has some input, we can represent by sets A’j g p ( A' ), and we 
enlarge the domain knowledge representation by D' = D U A', besides we need to 
define some relation between inputs and inferences, by means of K: 

K ( A’i ) = Ar . 

As to our model, it is true that 

3l As 6 p ( A ) : 

[ g( Mj U Pfc , n ) = Mj U Pk U As A f( g( Mi U Pk , n ) ) = Mg U P|f ] 

and since Ag is unique, we say that each m^ G Mg is true if and only if 
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3a;sP(A’):[K(AV) = As]. 

Let US define V, recursive, that verifies both expressions, i.e., 

V ( A’r , Mj ) = Mg « [ 3 1 As e ^ ( A ), 3ne N : 

[k(AV) = As]a 

[ g( Mj u Pjj , n ) = Mj u P|j u Ag A f( g( Mj u Pjj , n ) ) = Mg U Pk ]] 
or else 

V ( A'r , Mi ) = 0. 

For the starting node, it is true that 

3A'q€^(A'):[V(A'q,0) = Mi] 

that is, inputs that set the system to their initial state; then V applies recursively. 

Depending on the choice of k several kinds of computation may result. A simple 
case can be obtained, for instance, if we disregard probabilistic systems, fuzzy, and so 
on; we could choose 

K ( A'i ) = Ay O [ [ Va'jj G A'l , 3 a^j. G Ay : a'y =» ayj. ] A 
Vayj. G Ay , 3 a'y G A\ : a'y => ayj. ] ] 

that immediately lead us to the following expression, if the elements belonging to sets 
are supposed to be propositions: 

[f( Mi U U Ag ) = Mg U Pj^] O 

[ mij^ A m[2 A ... A mi^j A A a^2 A ... A a^^ =^m^i A mg2 A ... A mgy]. 

That yields a deducible system, using the first order logic. 



3 Protocols as Design Plans and the ‘‘Act-Check-Decide” Method 

We are going to broach the protocol problem in medicine [1], from the viewpoint of 
the generic tasks modelling, and we shall propose and prove a method to obtain the 
program from a suitable natural language description given this specific model and 
problem. 

As a result of medical research and experience on a specific disease, there are 
protocols that describe the available strategies for taking care of the patients. After a 
disease is diagnosed, there may be one or several protocols available as well as choices 
for every one of them. When the protocol is chosen, we know the routine steps that 
should lead the patient to retrieve the health, as much and soon as possible. In the best 
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case, we shall give up the protocol because of this. However, depending on the patient 
response, there could be some reasons to either change the protocol and enter another 
one for the same disease or to give it up because of the lack of suitable results. 
Protocols may consist of medical treatment like chemotherapy, as well as radiotherapy, 
surgery, etc. 

3.1 Task Structure and Natural Language Description 

We can think of the generic task as a kind of plan with the associated PSM 
''act_check_decide'\ as is represented in figure 2. a. After the “act and check” of a step 
we have to decide the next step according to a set of reasons. This decision can be 
refined according to the inference structure of figure 2.b, making explicit the 
knowledge that was implicitly associated with the decision. We substitute the sequence 
fcheck_complains^ decide} by { patient _state —> select_lj, { plan_situations 
select_2j and {compare}. 




Next step 



Fig 2. Generic task “to carry out a plan”, a) PSM “act-check-decide”. b) Refinement of the 
{decide} inference into { select _1, select _2 and compare}. 

Once we have a description for the generic task model, we can propose a suitable 
natural language description, as follows, for the steps of an hypothetical protocol, 
where depending on the state of the patient, different medicines (or any other 
treatments) are suitable: 




27 



Protocol ’’Protocol name”. 

Apply step ”1”. 

After step ”1” we may have ”2”, ”3”. 

Apply step ”2” if state is ’’(reasons 
Apply step ”3” if state is ’’(reasons 
In step ”1” apply ’’(medicines and doses...)”* 
etc... 

The bold types represent the description related to generic task, while the rest 
represents domain knowledge. We impose that such a clear description like this 
expresses precisely what we mean, so there is not ambiguity at all. 



3.2 The Hierarchic Graph Interpreted in Terms of Protocols 

As to the expertise model, we can interpret D as the domain knowledge, while O, cp 
and r can be interpreted in terms of the generic task knowledge. As to the domain 
knowledge on protocols, we interpret the elements belonging to A as the reasons that 
lead us to the next step, the elements belonging to S as the consecutive steps, and the 
elements belonging to M as the medicines (or any other treatment) for the patient. By 
comparing this interpretation with the natural language description suggested before, 
we can build the following table. 



Natural language statements 


Relationships with the graph elements 


Protocol ’’Protocol name”. 


Protocol Pj^ . 


Apply step ”1”. 


Apply step S ] . 


After step ” 1 " we may have ”2", "3". 


After step S | we may have S 2 , S 3 . 


Apply step ”2” if state is ’’(reasons ...)”. 


Apply step S 2 if state is A 2 * 


Apply step ”3” if state is ’’(reasons ..)”. 


Apply step S 3 if state is A 3 . 


In step ”1” apply ’’(medicines and 
doses..)”. 


In step S 1 apply M | . 



As to the generic task knowledge on protocols, we interpret: 
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Expression 


Interpretation 


|X( Sj u Pk ) = Mj u Pk 


On step Sj of protocol P]^ , the patient must have 
the treatment Mj . 


O ( Sj u Pk , n ) = Sg u Pk 


After step Sj , a choice is step Sg . 


r ( Sj u Pk , n ) = Sj u Pk u Ag 


After step Sj , some of the characteristics of the 
patient can be Ag . 


(p ( Sj u Pk u Ag ) = Sg u Pk 


After step Sj , if the patient characteristics 
are Ag , apply step Sg . 



Based on a depth-first search throughout the whole hierarchic graph, we can 
describe an algorithm to generate the hierarchic graph structure from the natural 
language description. This algorithm depends on the generic task; however since this 
task represents the most complex case, other algorithms should be a similar or 
simplified case. It is clear this is a constructive procedure. 



3.3 The hierarchic graph interpreted in terms of programming 

Now that we have the relationships between graph and natural language, we need the 
relationships between the graph and the programming elements. We are going to show 
these relationships for a rule base system. Similar descriptions can be obtained for a 
3rd generation language, languages like Common LISP, or programable logic 
implementations of the equivalent finite state automaton. 

The case of a rule based system is quite easy, if we consider cp. Bear in mind that 

<I>( Sj u P|^ u Ag ) = Sg u Pjj 

defines arranged pairs 

^iks ~ ) 

and also 

[I ( Sy U Pj^ ) = My 'U Pjj 

defines arranged pairs 

R''uk = (Su'-'Pk’MyUPk). 

So Rj]^g can represent a rule, where Sj u Pj^ u Ag is the antecedent and Sg u Pj^ is 
the consequent and analogously for R . Disregarding Pj^ as constant, the elements 
belonging to Sj , Sg and Ag can be translated into programming elements, as usually in 
a KBS. For instance, suppose a simple hypothetical case, if Sjj e Sj represents step 'T', 
Sgj G Sg represents step "2", agj g Ag represents "temperature greater that 37 °C", and 
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m^j G Mg represents "one aspirin", we can define, respectively, programming variables 
like "number-of-aspirines = 1" and programming expressions to evaluate like 
"temperature > 37". A similar procedure was proposed by Barreiro et al. [1], they call 
it generalized magnitudes. It is easy to see that also any of these expresions could be a 
predicate. On the other hand, the inference mechanism or inference engine is 
represented mainly by cp, but also by O and F. 

Let us see an example for Nexpert Object. This environment has a language for 
defining rules and other elements, like objects, called text format. So we have to 
associate the elements describing our graph with Nexpert Object's text format 
elements. In order to implement S- , A- and M- as objects we associate the elements 

Sj with a form 



where 

a^ix represents an assign operator 
P^ix represents the destination operand 
8®ix represents another operand 
we associate every a^^G A- with 



where 

a^iu represents a relational operand 
P^iu represents an operand 

represents another operand, 
and analogously we associate every m^^ G Mj with 



[a\ 



where 



oi^iy represents an elemental operator (sum, assign, etc.) 

represents the destination operand 
5™iy represents another operand. 

Now we can associate these forms with Nexpert Object text format syntax 
expressions like 

( operator (property-slot) (value) ) in general 
( operator (property-slot) ) when operator is "Yes" 
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So, we associate 



with Sj^ , 
with ajy , and 



( Yes ( cmj^ ) ) 

( oaju ( caju ) ( vaju ) ) 

( omiv ( cmiv ) ( vmiv ) ) 
( Yes ( cmiv ) ) 



with mjy , where 

oaiu , omiv ,Yes 
csix , caiu , cmiv 
vsix , vaiu , vaiv 

Then for the R rules, we can write: 



are operators, 
are property-slots, 
are values. 



(@RULE= U 

(@LHS= 

( Yes ( csj ) ) 

) 

(@HYPO= csj) 

(@RHS= 

(omji (cmj] )( vmii )) 

( omj2 ( cmi2 ) ( vmj2 ) ) 
( omj3 ( cmi3 ) ( vmi3 ) ) 

( omjn ( cmjn ) ( vtriij, ) ) 

) 



) 



and for the R|^ rules, we can write 



(@RULE=Y 

(@LHS= 



(Yes (csj)) 

( Yes ( cpk ) ) 

(oaji (caji )(vaji )) 

( oai2 ( caj2 ) ( vaj2 ) ) 
( oaj3 ( caj3 ) ( vaj3 ) ) 



( oaj„ ( cajn ) ( vajj, ) ) 

) 

(@HYPO= csy ) 

) 

Now, the relationships between the natural language statements and the 
programming code we choose are clear, since we established the relationships between 
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natural language and the hierarchic graph, and we just established the relationships 
between the hierarchic graph and the programming code. 

4 Hierarchical Classification as a Basic Diagnosis Task 

Our long term conjeture is that three task structures: one of analysis (to make a 
diagnosis), another of synthesis (to propone and follow a plan) and a third of 
modification of the other two in accordance with the expert’s experience (modification 
of diagnosis and therapy plan parameters by learning) may be sufficient to model the 
basis aspects of reasoning in many domains [8]. 

In section 3 we have considered the generic task of “to carry out a plan”. Here we 
present briefly the hierarchical classification as a basic task in medical diagnosis. 
According to the classic Chandrasekaran's description of hierarchical classification [3], 
where the method was described in terms of "establish" and "refine", each "establish" 
could be associated with a node, if we think of the nodes as different degrees of 
refinement, these degrees of refinement being states (and the permitted inferences 
being the permitted refinements). Note that similar descriptions can be found in KADS' 
library of generic tasks [12] and as part of Clancey's heuristic classification [4]. 
Therefore, we could achieve a description like 

Refine acute lymphocitic leukemia into LI, L2, L3. 

Establish LI as 75% homogeneous lymphocite population, small 
lymphocites, with scarce cytoplasm, relatively coarse cromatin pattern, 
regular nuclear shape, conspicuous nucleoli in more than 75% of them. 



from the FAB classification of leukemias. By means of the algorithm we can generate 
the graph elements. The algorithm for the hierarchical classification is a simplified case 
with regard to the most complete case of the generic task to carry out a plan. Due to the 
structure of the natural language statements, we can represent their elements by 
symbols: 



Symbolic expression 


Represents... 


(E^i , , e^j ) 


an "establish" statement 


(P^i-pVpLp^il P^in) 


a "refine" statement 



where 
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Knowledge level element 


lEBSSSBBSSBSKKKi 


gE. 


the word "Establish" 


9 


e'- 

1 


the concept to establish 


Si 


£^i 


the word "as" 


none 


e2j 


the characteristics 


Ai 


pRi 


the word "Refine" 


0 




the concept already established 


Si 


p‘i 


the word "into" 


none 


P^il -P^i2- 


the possible refinements 


Sk > Stn ’ ••• 


lower index i 


an arbitrary statement number 


none 



In order to associate a meaning with the set Pj^ , we introduce ), where 

71^ is related to such set. Then, the algorithm can be described as follows (note that 
So=0): 

{ Algorithm that generates the graph structure from the natural language statements } 
Begin. 

Search such that there is not any such that j . 

When you find it, let = S| and then let £^j = Aj; so we have built 

9(PkU Ai) = SiuPk. 

Depth ( £^i ) 

End. 

And the procedure "Depth" can be described as follows: 

{Depth (^)} 

Begin. 

Search p^j^ such that p^j. = ^. 

When you find it, for every r in the same statement k (where p^]^ was found) do: 
Begin. 

LetO(p\u7i\,r) = p2;^u7r\. 

Search e\ such that . 

When you find it, take £^3 in the same statement s and 
let T(Xkj 71^]^ , r ) = ^ u u £^g , 
let (p( X, U 71^]^ u £^S ) = £^s U TT^J^ . 

Depth ( £^s )• 

End. 

End. 
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By means of this algorithm, we can find out the underlying computational structure 
for the problem (stuck to these statements only), as we can see in figure 3. 



Graph 




Fig 3. An easy example for the FAB classification of leukemias. 



And following the method we explained before, we could write the following rule: 

(@RULE= RES005 
(@LHS= 

( Y es (leukemia. lymphocitic_acute)) 

(> (lymphocites.homogeneous_population_percentage) (75.0)) 

(= (lymphocites.size) ("SMALL")) 

(= (lymphocites.cytoplasm_volume) ("SCARCE")) 

(= (lymphocites.cromatin_pattern) ("COARSE")) 

(= (lymphocites.nuclear_shape) ("REGULAR")) 

(> (lymphocites.percentage_with_conspicuous_nucleoli) (75.0)) 

) 

(@HYPO= leukemia.Ll) 

) 

where the interpretations we made are easy to understand, since we used mnemonics 
for the names of the property slots and values, besides we provided the natural 
language description; but it is clear there is an implicit translation table between natural 
language statements and hierarchic graph elements, like 
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element 


set 


meaning 


H 


Si 


acute lymphocitic leukemia 


S2 


S2 


LI 


S3 


S3 


L2 


S4 


S4 


L3 


^21 


A-2 


75% homogeneous lymphocite population 


^22 




small lymphocites 


323 




with scarce cytoplasm 


324 




relatively coarse cromatin pattern 


325 




regular nuclear shape 


326 




conspicuous nucleoli in more than 75% of them 



and an analogous table between hierarchic graph elements and text format elements, 
we do not provide. One have to bear in mind these tables. Note that for a hierarchical 
classification, the hierarchic graph has not any cycle; note also that the interpretation of 
the elements of the graph in terms of the domain knowledge depends, of course, on the 
generic task; however the graph elements that are interpreted as domain knowledge, 
inferences, etc., are always interpreted like this for all generic tasks. 



5 Conclusions 

Whether one accepts our formalism or whether one does not, the explicit transition 
between natural language and program code is always needed [13]. This means there is 
an interpretation of either the formalism or the program code, that must be made in 
terms of natural language semantics or else we could never understand what the 
formalism means and what the program code means. Once acepted that the meaning of 
the models of expertise always remain in the external observer domain and at the 
knowledge level, the rest of our proporsal in this article is crystal clear: there is a 
common structure underlying a representative set of generic tasks and PSM’s, if we 
think of generic tasks in terms of states of knowledge, and then we represent these 
states (and the corresponding state transition conditions) by means of a hierarchic 
graph. In these cases, a constructive method to obtain the program code can be 
described, if we express the generic task model by means of natural language. Mainly 
domain knowledge will determine the terms to interpret the state (for instance, we can 
interpret a state as the degree of refinement in a hierarchical classification). Following 
the method we have shown in this paper, we can establish relationships between a 
natural language description of a generic task and a hierarchic graph; this relationship 
is constant given the generic task. Since the relationships between the hierarchic graph 
and the programming code are constant given the program language, we can describe 
the method to generate the hierarchic graph structure from the natural language 
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statements, and automatically generate the program code, given the generic task and 
the program language. 

Therefore, if the formalism included in our reduction method is a powerful tool for 
avoiding the lack of consistency and precision of conceptual models, it is because of 
the clear, precise and unequivocal translation tables (meanings and causalities) we use 
for first reducting and later interpreting such formalism. These semantic tables tell us 
about the richness of what we mean when we wrote the formalism. 
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Abstract. The goal of ^cursion O^anipuCation is to design a calculator 
that provides formal proofs for a particular type of formulae corresponding to 
the task of program construction and program verification of recursive 
procedures. Recalling first that Godel’s result cannot be used as a 
mathematically justifiable argument against RM, the paper illustrates the 
strategic importance of in the design of autonomous, self- 
reprogrammable robots. In particular, on the basis of more technical papers 
making a necessary theoretical support for this paper, we illustrate that for 
roboticians it is sufficient to be concerned with an external characterization 
of Relying on the Tfieory of ConstmctiBU (Domains, the framework of is 
powerful enough to take care of logical justifications inherent to various 
forms of induction schemes (i.e., the termination justifications for recursive 
programs and plans). The paper illustrates also that two, not necessarily 
compatible, types of efficiency are related to recursive plans. 

1 Introduction 

One of necessary features of a user-independent system is the possibility of opaqueness 
of the system’s internal mechanisms for a user using it for standard purposes. Thus, 
an automated system is not always user-independent. A design of a robot working in 
an environment requiring a user-independence of the robot necessarily requires an 
understanding ofthe essential difference between an automated and a user-independent 
system. Fully understanding the potential of the user-independence of a system is then 
just a small mental step away from somewhat interesting conclusions*. 

The goal of Recursion Manipulation is to design a user-independent 

system able to construct and verify recursive programs and plans which are specified 
formally by the essential property that holds in the considered environment between 
the input arguments and the output once this plan is applied to its input arguments. 
Since some forms of inductive reasoning (i.e., ‘creative’) are necessarily integrated 
into the deductively oriented (RM, as we recall in [5], an (RM system is not in 
contradiction with Godel’s results — it should be (or become) clear that these are not 
related to a deductive environment enhanced by inductive tools. Thus, the notion of 
undecidability is irrelevant to RM. This must not be interpreted as taking 
undecidable problems and making them decidable. It has to be understood, for 
problems solvable ‘by-hand’, as a rigorous, i.e., mathematically justifiable, and 
practically manipulable organization of ‘infinite chaos’ (which is a sign, a symptom, 
of undecidability) so that appropriate inductive tools (relying on the rigor and routine 



* For instance, when a robot is accidentally damaged while the core of its logical part 
remains intact, if this robot is able to construct and verify programs (and plans) user- 
independently, it will be able to reprogram its own damaged parts in the best case and, if 
this is not materially possible, it may adapt itself to a new role, a role for which it was not 
initially designed but which is also not incompatible with the original purpose and the 
environment in which it finds itself. With respect to the high cost of robots, this self- 
adaptation may be of some economic value. 
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character of the deductive ffameworkto prepare a kind of ‘organized infinity’) can be 
well-specified, developed for, and used in a deductive framework without the drawback 
of bringing a logical inconsistency of the resulting extended framework. 

Constructive Matching MethodoCogy (CMM) represents one, and so far unique, 
approach trying to achieve the goal of HIM. Since CMM builds a user-independent 
system, roboticians (or ordinary programmers) do not need to know how it works. 
They only need to know what to use it for. Nevertheless, the exact specification of a 
standard use of an ^RM system contains an implicit requirement: in order to construct 
and verify recursive programs and plans user-independently, some particular 
formalization of the intended domain has to be given. This is not and cannot be the 
task of the experts in !RM. On one side, the experts in ^RM cannot foresee all the 
domains that may be interesting for roboticians or ordinary programmers. Often, by 
their confidential character, these domains may even be (and/or should remain) 
semantically ‘inaccessible’ to the experts in d(M. In consequence, the following can 
be interesting information to be aware of: 

A positive result of CMM is that it shows that, for an intended domain, it is 
sufficient to work out such a formalization only once. CMM is able to take care of 
possible reformulations that might arise when a system is used by the users that did 
not worked out this initial formulation. This is one of the points we shall illustrate in 
this paper, since, as it will become clear, it is of a great importance for understanding 
the consequences (and necessary characteristics) of the user-independence of an !RM 
system. The second positive feature is that experts do not need to be involved in 
the process of the formalization. In other words, among roboticians, only a small 
group should devote themselves to working out an initial formalization for any new 
intended domain of interest. We shall call domain expert any person who is not an 
expert in ^RM and who has to formalize an intended domain for the purpose of the 
user-independent construction and verification of recursive programs and plans. A 
domain expert may feel uneasy^ with the kind of formalization that is related to 
recursion. By its ^ory of ConstructiBCe d)omains (fheory of CDs), which is a particular 
theory of recursive programs developed for and used in CMM, CMM does not guide 
the domain experts ‘to get the induction schemes right’, but to give the system 
adequate information that will allow the system ‘to be autonomous in getting 
induction schemes right’ as well adequate information that will enhance the system’s 
logical power. The first type of information concerns an inductive definition for the 
intended domain. It is not surprising that a requirement for this kind of information is 
necessary, since, whenever a recursive computation is justified — terminating — there 
is, somewhere, some kind of inductively defined system of objects. The second type 
of information, as explained in [4], concerns the domain’s semantic of and thus it 
cannot be a part of theory of CDs, which is, in its abstract version, a formal theory. 
However, CMM is built so that it is aware of the character of semantic aspects related 
to Recursion Manipulation and that can and must be made explicit in order to 
enhance the logical power of an !RM mechanism. In consequence, the formalization 
‘effort’ of the domain experts consists of using their own domain expertise, their own 
skills, rather than in working out mathematical skills for a (mathematical) 
formalization of meta-theoretical and methodological and epistemological arguments. 

Everything said above is simply a summary of an external behavior (or 
appearance) of the results achieved in CMM so far. [2] can be considered as a 
somewhat detailed presentation (necessarily so) of the CMMs internal mechanisms in 



^ The ‘skeleton’ of the epistemologically justifiable mathematical model for CMM was 
designed in 1983-1984, and is implicitly present in [1]. A complete list of the publications 
on CMM, on experiments illustrating the power of CMM, as well as on the experimental 
implementation of the system ^PR^COMAs (iPRpofs educed By Constructive MMcfiing for 
Synthesis) can be consulted via http://www.lii.fr/Francais/Recherche/ia/ ( or http://www.lri.fr/'-mf ). 

^ For instance, see in [15] the acknowledgment for « getting the induction schemes right ». 
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the process of solving a rather simple planning problem. The present paper is a part of 
a series devoted to an easy-to-follow illustration of in the framework of the 
user-independent construction and verification of recursive plans. The first paper of 
this series, namely, [5] focuses on illustrating the unity of theoretical and practical 
description of as a theorem proving mechanism, it also illustrates the non- 
existence of the well-known frame-problem in a system relying on this particular 
theorem proving mechanism. The present paper focuses on illustrating the unity of the 
theoretical and practical description of Cf^^^as a recursion justification mechanism. 
Namely, we use a very simple example to illustrate the unity of the theory and 
computation required by i^f^for justifying recursion, i.e., the induction principle and 
defining by recursion. The choice of the example presented in section 4 was motivated 
by the following reasons: 

(a) it allows us to illustrate a domain expert’s ‘duties’ during the process of formalizing of 
two simple intended worlds in which recursive plans are meaningful; 

(b) it allows us to illustrate that !^fWhas to deal with two, not necessarily compatible, 
types of efficiency that recursive programs have; 

(c) it allows us to illustrate that, although multidisciplinary, has its own place as a 

proper scientific field with a well-specified goal (specified above) and with its own 
appropriate methods of development (illustrated ‘statically’ by recursive 

conceptual architecture which is rendered unique and inimitable by making the 
presence of a particular inductive reasoning mechanism externally invisible). 

The next section provides more feedback for (a) and (c) and completes the above list of 
the reasons. The development of the example presented in section 4 relies on the 
above mentioned nduory of ConstmctiSle domains. This theory is very briefly described 
in section 3. 

2 A Note On ‘Related Work’ 

Kunen, in [8], uses the system developed by Boyer-Moore, known as Nqthm in the 
literature, to verify the Paris-Harrington version of Ramsey's theorem. The proof ^ presented 
by Kunen relies on Cq induction, thus illustrating that « ... Nqthm allows definition of 
functions by recursion on the ordinal Cq , and proofs by induction on Eq ... ». As also 
mentioned in [18], pg. 705, transfmite induction is, in its extreme form, « ... irreconcilable 
with constructivity ... ». In consequence, as far as recursive programs and plans are 
concerned, they necessarily correspond to inductions (i.e., the recursions of these recursive 
programs are logically justified by inductions) that are constructive in a computational 
sense. If Eq is necessary for defining a function by recursion, (i.e., if it is not just a matter of 
convenience as mathematicians are used to,) then the corresponding recursive definition of 
this function shall not correspond to a recursive computationally manipulable program. 

Thus, the first conclusion that is important for roboticians is: does not need 

to be preoccupied by induction on Eq. EM does not need to use the full Nqthm’ s 
theoretical background. On the other hand, it is natural to suppose that, since such a 
powerful induction, as Eq induction, is allowed by a system, then ordinary, simple, 
(i.e., constructive forms of inductions) are allowed as well. This supposition is 
natural, but erroneous, as the following example illustrates. 

Let us have a look at the following definition of the function segment (pg. 230 in [8]): 
(defn segment (m n) 

( if (and (leg m n) (numberp m) (numberp n)) (cons m (segment (add1 m) n) nil ) 

( ; hint 

(lessp (difference (add1 n) m) ...) ) ) 

The first part of this lisp program is logically sufficient to define the function segment. The 
second ‘hint’ part, is given by Kunen to make Nqthm accept this program as a justified 



^ We shall leave it for concerned mathematicians to /appreciate the virtuosity by which 
Kunen constructs, by hand, a scenario for a proof of Ramsey's theorem in a way that makes 
it possible to run this scenario by Nqthm which was developed for verifying purely 
universally quantified formulae. Kunen’ s scenario relies on several formulae that contain 
existential quantifiers (as does the Paris-Harrington version of Ramsey's theorem). 
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definition, i.e., a terminating program. In other words, Nqthm is unable to perform such a 
logical justification itself; Nqthm does not allow the recursion of this program unless a 
user orders it to accept it. This illustrates a discrepancy, a gap, a lack of coordination in the 
development of ‘theory’ and the development of ‘practice’. In fact, for user-dependent 
systems, such a lack is inessential: the presence of an ingenious user is assumed (required 
and guaranteed). But, as far as a rigorous justification of the user-independence of an 
system is concerned, it illustrates that, in a sense, not all the forms of ‘constructive’ 
inductions are ‘allowed’ — in practice — by theoretical approaches to ‘implementing 
induction’ [7], [II], [12], [13], or even higher order considerations [14] and well-known 
mathematical theories of recursion. This illustrates that needs its own ‘theory of 
constructive induction’, a theory manipulable with respect to RJM ’s algorithms. 

To use the language of programmers, as explained in [4], ‘constructive’ induction is 
closely related to termination of recursive programs (it corresponds to it, in fact). Thus, it 
might seem that to automatically ‘allow’ the above program in Nqthm, it is sufficient to use 
some termination verification algorithm developed in computer science ([6], [19]). As 
explained in [4], such a suggestion does not provide a general solution in the frameworks 
for which the undecidability aspects are relevant — in fact, all the user-dependent 
approaches to automated program construction and verification seem to use this notion in 
order to justify the need for a user. As a consequence of this situation (the mentioned 
‘relevancy’ of undecidability and a lack of a rigorous, manipulable, description of the exact 
logical and manipulation power of the termination-verifiers), somewhat surprising 
solution is accepted in automated inductive theorem proving: in [10], the authors suggest 
that the programmers should learn to program in the style falling under « Walther’s 
recursion » (see in [19]). Thus, let us push further our illustration. Since the Kunen’s 
program segment above does not fall under Walther’s recursion, if Nqthm is extended by 
Walther’s algorithm, Kunen just needs to reimplement his program in Walhter’s style and 
then no hints are needed to give to Nqthm. (Since Nqthm is ‘sensitive’ to the form of the 
given definitions, shall Nqthm run Kunen’s scenario also with this new form?) In section 
4 we will show a somewhat unexpected practical consequence of this rather unnatural 
requirement. (Are machines constructed to facilitate the work of humans or do people have 
to facilitate the work of machines?) 

True roboticians might now argue that the above segment function concerning 
natural numbers is in no relation to real world problems that a robot may be 
intended to solve. The rest of this article is thus also devoted to clearing up this 
possible misunderstanding. In other words, we claim that if an RM system were 
unable to solve the problems related to the construction and verification of recursive 
programs for natural numbers, such a system would be unsuitable for real world 
problems as well. Thus, in addition to (a), (b) and (c) of the previous section, the 
example presented in section 4: 

(d) illustrates that a recursive ‘plan’ can be formulated which is almost ‘identical’ to 

Kunen’s program for the segment function; 

(e) explains a pragmatic meaning of the restrictions imposed by Walther’s recursion in the 

framework of recursive planning. 

3 A Note On Theory of ConstructiBCe T)omains 

Recall that Recursion Manipidation is concerned exclusively by the construction and 
verification of recursive, (i.e., computational) programs and plans. RM, namely its 
user- independence, requires a mathematically rigorous framework, in which ‘defining 
a procedure by recursion’, for programs, is a logically justified definition formation 
rule and in which all the various recursion forms of programs can logically be 
justified. In consequence, the goal of RM implicitly contains the task of giving a 
logically justifiable feedback for a non-standard verification of the termination of 
programs. Constructive ^atcfiin£ Metfio(CoCo£ij does this via the TfUonj of CDs ^ and uses 
R^ (thus, C^R() itself in establishing such a manipulable theoretical framework. The 
Tfieorij of CDs represents a new reformulation of the elementary theory of recursive 



^ [3] and [4] represent a full technical description of the Theory of CDs. 
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fiinctions (i.e., all the recursive functions that can be given as computable programs). 
The most important achievements of the ^ory of C^s, that are related to are as 
follows (if necessary, see terminology in [3]): 

♦ the formulation of a particular world as a Constructible Domain provides and justifies 
logically (independently of an expert) standard and, whenever appropriate, usual 
induction principle schemes; 

^ in thQ framework of thQ non-usual induction principle ‘schemes’, whenever they 
correspond to terminating programs, are logically justified as well and the recursive 
definitions relying on these non-usual recursions can, whenever appropriate, be user- 
independently reformulated, in the framework of into their usual-recursion 

versions. 

4 Example 

[5] recalls that, to use for the construction and verification of recursive plans, 
adopts (and somewhat extends, [2]) the plan theory developed by Manna and 
Waldinger in [9]. This mw-plan theory, as we call it, seems perfect to us for 
extending the application field of initially thought of for recursive programs 
construction and verification. However, even though the mw-plan theory is illustrated 
(in [9]) for recursive programs, it is independent of recursion theories. Thus, as far as 
is concerned, the first contribution of the mw-plan theory is that it renders it 
possible to consider the recursion aspects of recursive plans within the theoretical 
framoworkof a classical logic recursion theory. The second contribution of the mw- 
plan theory is that it hints at a meaningful way to construct plans within the formal 
framework of the mw-plan theory (i.e., within a non-classic logic) via a classical logic 
theorem proving mechanism The first contribution explains why we feel (and we 
actually are) authorized to limit our illustration here to simple classical logic worlds, 
namely two worlds that can be represented by simple inductive structures and that are 
nevertheless interesting for ‘moving-in’ robots'^. 

In this section, our first goal is to give an initial formalization to the world of 
blocks (on a table, in a room) specified in [9]. These blocks are all the same size, so 
that only one block can fit directly on top of another (this restriction was formulated 
by Manna and Waldinger, but it is not essential for i:heory of CDs, provided the expert 
domain specifies this formally). We call (standing for ^LJBL0CK3 in [2]) the set 
of all these blocks. If no other block is on top of a block. Manna and Waldinger 
characterize it as clear. We shall stick to this terminology here. 

Intuitively speaking, to describe a world as a constructible domain, the expert of this 
world must know how to define it inductively first, more or less informally. For instance, 
let us consider the following more or less informal inductive definition. 

O if block X from is clear, then x is an element of fSfB ; 

O if block X from is not on table then the block that is just below x belongs to ; 

O any element of TFfB can be obtained by the previous two rules in a finite number of 
steps. 

Thus, the set SVB, which initially has no particular structure is now looked at via an 
inductively defined system of objects, namely the system (standing for ‘formalized 
AB'). Of course, the informal character of this ‘definition’ is evident (by reference of fAB to 
AB). Thus, from this informal definition it is necessary to extract a formal inductive 
definition by explicitly expressing the constructors of the intended domain’s formal 



^ As we point out in [5], it seems to us that the value of the mw-plan theory for practical 
purposes can be slightly concealed by Manna and Waldinger's use (in [9]) of a user- 
dependent environment for recursive plans construction. We remedy this in [2] and [5], 
where we place their theory into a user-independent environment, namely, that of 
methodology. Thus the practical value of their plan theory becomes evident. 

^ In other words, what is illustrated here for a classical logic description of a world holds 
for its situational variant, formalized of course, in terms of the plan theory developed by 
Manna and Waldinger (or its logical equivalent). 
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description which is formally independent of (even though the semantic dependence 
shall be present implicitly, namely, is a model for 

We shall leave out of the technical side of this transformation for our purposes here. ([4] 
is an introductory reading, [3] contains more technical details and justifications, and [2] 
presents the details formulated in the terminology of this example.) We can thus suppose 
that the expert (a robotician) shall come out with a formalization of the initially 
unstructured world of blocks that is very similar to the formalization presented below. 

4.1 The role of the i^onj of ConstmctiSU (Domains in a formalization of 

We shall call initial block each block from Sl(B which is clear, i.e., no other block is on the 
top of this block. A formal counterpart to this semantic description is the following 
abstract set and predicate. Below, the marked paragraphs correspond to the contribution of 
the domain expert. 

I Let be a set of elements. Let IB (standing for be a (dynamically 

extensible) finite subset of ‘If. Let the predicate clear BOOL be defined by 

clear(x) x e IB. 

The notion of a ‘dynamically extensible’ set is related to the fact that a robot moving in 
the world of blocks shall probably modify the position of blocks, thus a block that is clear 
in one particular moment may be ‘not clear’ in another moment. This of course shall not 
modify the instantaneous inductive structure of the intended world, it simply means that 
considering various sets of initial blocks (and thus appropriate ‘versions’ of the system 
B^B) is possible. In consequence, for illustration purposes we can abstract from this 
dynamical character of IB. 

I Let table be a constant element in ^and such that table ^ IB, let on: Wx BOOL be a 
primitive binary predicate verifying the following set of properties: { not(on(x,x)), 

not(on(table,y)) } for any x and any y. 

To specify a Constructible Domain, by Definition D.2.1 in [3], one needs to give the 
constructors of this domain. Thus, let us suppose that a domain expert specifies the 
constructors of B^B as follows: 

» initial_block: IB 

jusLbelow: 

The conditions of applicability of these constructors are given by the domain expert too: 

II Poss(initial_block(x)) <=> clear(x), 

for any x e and, for any y g ‘if 

II Poss(just_below(y)) o not(on(y, table)). 

Here initiaLblock corresponds to the intuitive interpretation that an initial block is a block, 
and the general constructor just_below corresponds to the intuitive interpretation that if x is 
a block that has no direct contact with the table, then the block just_below(x) is the block 
that is just below x. We specify — as an expert of the intended world should do with 
respect to the semantic of Manna and Waldinger’s intended model — the uniqueness 
arguments axiom for the constructor just_below 

II just_below(x) = just_below(y) =» x = y (4.1) 

Therefore, by the Lfieory of CDs, there is a selector corresponding to this constructor, in 
correspondence to [9] that we name hat. By the Lkeory of CDs, this selector is specified by 
the equation { hat(just_below(x)) = x } and the application condition for hat is { Poss(hat(x)) 
<=> not(clear(x)) }. By the Lfitory of CDs, in the well-founded relation Z induced by the 
constructors (and, in the Lfieory of CDs by recursion in natural numbers! — see the 

last paragraph of this section), whenever Poss(hat(x)) and Poss(just_below(y)) are verified, 
the following two properties hold: { y Z just_below(y) , hat(x) Z x }. The Lfieory of CDs gives 
now a constructor, as well as its equivalent selector version of the standard induction 
principle for Bi^B. This selector version — interesting for our purposes here is the 
following: 

A(a), if clear(a) 

A(hat(a)) => A(a), if not(clear(a)) 

VxA(x) 

Moreover, the Lheory of CDs justifies, for B^B, the defining functions by standard 
recursion. This means that, whenever uO is from W and h is a function of the appropriate 
domain and codomain, any system of equations of the form. 
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g(x) = uO, if X G iTj?® & clear(x) (4.2) 

g(x) = h(hat(x),g(hat(x))), if x g & not(clear(x)) 



or, equivalently, 

g(initial_block(x)) = uO, ifxG & clear(x) (4.3) 

g(just_below(y)) = h(y,g(y)), ifyG not(clear(y)) 

with the unknown variable g, defines one, unique, function g: -> For instance, a 

simple syntactic verification is sufficient to check that the program makeclear presented in 
[9] or in [2] is a definition of a function, (i.e., it is a terminating program). 

Moreover, the nUeory of CDs also brings forward a definition recursive (in for the 
above mentioned well-founded relation Z induced by the constructors of As clear 

from [3], this well-founded relation is not initially defined recursively in thus this 

computational (in reformulation (from natural numbers) is a very important 

achievement of the ^eonj of CDs. This new formulation is used for computations related to 
the extension of standard recursion to usual recursion as well as in the justification proofs 
related to non-usual recursion [4]. 



4.2 The role of Recursion ManipuCation in checking termination of recursive programs 

In order to give an example of a non-usual recursive definition of a function with the 
domain arguments in we shall introduce another constructible domain. 

Since is now defined, we can define another constructible domain in terms of 
Let us call it STAC% Let the constructors of STACO^bQ as follows: 

| st_nil: 

St_Cons: 

Let the uniqueness arguments axiom for the constructor st_cons be as follows: 

II st_cons(x,u) = st_cons(y,v) =» x = y & u = v. (4.4) 

For defining functions by standard recursion is justified by the n^eonj of CDs. This 

means that, whenever aO is from ^ and r is a function of the appropriate domain and 
codomain, if u g & v g any system of equations of the form 

f(st_nil) = aO (4.5) 

f(st_cons(u,v)) = r(u,v,f(v)) 

with the unknown variable f defines one unique function f: S^TACK • Defining by 
standard recursion of n-ary functions is justified by Dieonf of CDs too. Thus, for instance, 
the following system of equations defines a recursive function 

st_append(st_nil,u) = u (4.6) 

st_append(st_cons(u,v),w) = st_cons(u,st_append(v,w)), 

Let m and n be from let Z be the above mentioned well-founded relation induced by 
the constructors of and let us consider the following system of equations 

segm(m,n) = st_nil, ifnZm (4.7) 

segm(m,n) = st_cons(m,segm(just_below(m),n), ifnot(nZm) 

If one compares (4.2) (or (4.3)) and (4.7), one can recognize at the first sight that (4.7) is not 

a system of equations that falls under (manipulable) standard or usual recursion of 
However, proving that segm is a terminating recursive plan can be done very simply by 
formulating this termination problem as a Recursion Manvpuiation task (see [4]). This 
illustrates that represents a framework in which a logical justification of ‘trouble- 
making’, ‘unusual’ recursions can be verified user- independently. 

If one compares the system of equations (4.7) and the lisp program for the function 
segment defined by Kunen and presented in section 2 of this paper, one can realize 
immediately, that, up to the domain description of the variables m and n, identifying cons 
and sLcons, identifying segment and segm, and abstracting from the presence of a hint in 
Kunen ’s definition, there is no difference. Yet, semantically, segm deals not with natural 
numbers. 



4.3 ^cursion ManipuCation and two types of efficiency of recursive programs 

[4] shows that non-usual recursion is, usually, making the theorem proving process 
much more complex, and thus, in a particular sense, inefficient. In consequence, two 
types of efficiency have to be considered. On one hand we have the usually considered 
computational efficiency of a program. On the other hand, a program becomes a 
‘manipulated object’ in an system, for instance, when its termination has to be 
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proved or when it is relied upon in a formal specification of a program that has to be 
constructed (e.g., when a robot has to construct a program that tells him how to paint 
a segment). 

Let us consider the function segm defined in (4.7) by non-usual recursion. For a robot, it 
is very natural to work with this particular program, the computational efficiency of this 
program is very reasonable. However, as soon as the robot has to ‘think’ in terms of this 
program (to find out, for instance, how to paint the segment whose limits are blocks m and 
n, i.e., the robot has to program itself to execute this task), the non-usual recursion of this 
program slows down the process of coming to such a program. 

Thus, while [4] shows that the 'KM framework is able to handle the termination of 
non-usual recursion, in order to improve the internal efficiencyof a robot, (i.e., the 
rapidity of its ‘thinking’) it may be interesting to reformulate the non-usual recursion 
definitions into their logically equivalent usual recursion forms. The framework of 
CMM allows this type of reformulation [4]. This is a very important result having 
theoretical as well as practical value. 

To further understand its practical value, let us consider another, logically equivalent 
implementation for the function segm. We shall call stand_segm this new implementation and 
we shall define it by the equations : 

stand_segm(m,n) = gener(n), ifclear(m) (4.8) 

stand_segm(m,n) = st_comp(gener(hat(m)),gener(n)), if not(clear(m)) (4.9) 

and the application condition : { Poss(stand_segm(m,n)) <=> (x Z y) or (x = y) }, where gener: 
5T.qL^is defined by : 

gener(x) = st_cons(x,st_nil), if clear(x) (4.10) 

gener(x) = st_append(gener(hat(x)),st_cons(x,st_nil)), if not(clear(x)) 
and 

st_comp(w,st_nil) = st_nil (4.11) 

st_comp(w,st_cons(u,v)) = st_cons(u,st_comp(w,v)), if not(memb(u,w)) 

st_comp(w,st_cons(u,v)) = st_comp(w,v), ifmemb(u,w) 

and finally 

memb(u,st_nil) is false. (4.12) 

memb(w,st_cons(u,v)), if u = w 
memb(w,st_cons(u,v)), if u ^ v & memb(w,v) 

A simple syntactic analysis allows us to conclude that stand_segm defined by (4.8) and (4.9) 
is defined in terms of functions and predicates defined recursively by the standard 
recursion. In consequence, proofs relying on this particular implementation of the function 
segm (since segm and stand_segm are logically equivalent) are unproblematic. However, even 
though these formulations are logically equivalent, a programmer would probably prefer 
the implementation by (4.7). Recall again that, by its analogy to Kunen’s definition, this 
particular implementation, i.e., (4.7), is ‘forbidden’ by ‘Walhter’s programming style’. 

We can thus summarize: any inductive theorem proving system relying on CMM 
gives a robot the possibility of ‘working externally’ with non-standard programs (i.e., 
execute the programs defined even by non-standard recursion), while, internally, (i.e., 
in the process of recursive plans construction and verification) the robot can switch to 
a standard definition found (in the framework of CMM) from the non-standard 
definition. As far as programmers are concerned, CMM preserves the programmers’ 
liberty to keep their own programming style. This, with respect to mathematical 
tradition is natural, but it is unusual with respect to today’s standards which permit 
the suppression of this liberty explicitly (as in [10]) or implicitly (as in the current 
user-dependent approaches to the ‘automation’ of the verification and/or construction 
of programs). In consequence, it is up to the potential user of these two possible 
tendencies to choose the one that is correct and suitable for his own purposes. 

Conclusion 

It is known that constructing robots that execute some tasks in environments which 
cannot be fixed by a ‘finite description’ in advance, requires some kind of inductive 
definition of this environment [16], [9]. Such an inductive structure, in some well- 
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specified cases, justifies induction principle as a way of proving the properties of this 
environment, and it justifies recursion as a definition formation rule by which some 
properties of this environment can be expressed in a ‘finite’ way. The task of 
constructing a recursive plan from its formal specification (i.e., from a specification of 
the essential property that holds in the environment once this plan is applied to its 
input arguments) can be expressed as the task of checking a particular property of this 
environment. Thus, finds one of its applications in the design of autonomous 
robots. To achieve the somewhat ambitious goal of user-independence, must 
provide a rigorous manipulable theory of computable recursive programs. Constructive 
Matcfdng MetfiodoCogy, as one particular approach to uses the *Jheonj of CDs as 
such a manipulable theory. 

This paper intended to simply inform roboticians about the relation of to 
the design of autonomous robots and illustrate through an example how the following 
properties manifest themselves : (1) the unity of logical justifications and 
practical manipulations, (2) an adequate treatment of the problem related to a 
logically justified and practically executable reformulation of the objects manipulated 
(i.e., programs), as well as (3) an adequate treatment of the problems innate to 
handling recursion and the solution of which may seem non-evident by a first sight. 

succeeded in making the notion of undecidability irrelevant for [5] recalls 
that CMM also succeeded in making the notion of the frame problem irrelevant for 

when extended by the mw-plan theory [9]. 

This paper thus aimed at motivating roboticians to extend the design of future 
robots, while taking into account the full potential of In particular, we wanted to 

illustrate that we do not ask roboticians to become experts in handling recursion, we 
just wanted to illustrate that some experts in robotics have to make an effort to 
understand the epistemological ]mX\f\QdX\on and some essential features of f^Jlfin order 
to (get motivated to) formalize, in a particular way, the ‘worlds’ in which recursive 
plans are meaningful. These worlds have their own semantics and thus they cannot be 
a topic of Since the mw-plan theory [9] is convenient for capturing the dynamic 
character of these worlds, the domain experts have to focus on the formulation of 
particular laws that govern the particular portions of worlds they are interested in. In 
[9], the put-on-table axiom (independent from the mw-plan theory) concerns a 
particular world, formulated by Manna and Waldinger, and well illustrates the 
semantic dependence of such particular laws. This paper illustrated that, if some more 
‘elementary’ laws are formalized following the guidelines of the ^ory of CDs, the use 
of ‘recursive mode of thought’ is automatically justified (by the Idieory of CDs). As 
soon as such a formalization is performed, one can use RM to construct and verify 
recursive plans. On the other hand, since recursion (in its rigorous sense) is a 
particular kind of representation of a particular kind of repetition, a very particular 
kind of a ‘short cut’ of a very particular kind of ‘potential infinity’, we feel that the 
question of ‘improving the conception of the visual perception of robots via a 
particular use of Recursion Manipulation should not be neglected. 

As we illustrated in this paper, it is a good feature of RM that the remaining 
experts in robotics do not necessarily have to stick to the resulting formalization, that 
the potential users of domestic robots do not need to know ‘theories (theory of 
elementary recursive functions, first-order logic, situationistic logic, mw-plan theory), 
epistemological notions (theory, meta-theory, deductive system, axiomatic system, 
model, relativity of formal truth, ...) and the manipulable theories and meta-theories 
{Ddieory of CDs, CMM)' that are behind it. All these theories and notions are necessary 
for understanding the architecture and the algorithms of CMM. [4] explains under 
which conditions RM can be used for non-standard purposes, this time necessarily by 
interaction with the user. Namely, it can be used for (a) improving the computational 
efficiency of programs and (2) working out, a correct form of ‘lines of code’ that are 
given by the user and could thus be, in some sense, incorrect. The effort of one group 
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of experts (in robotics) that has to perform a very rigorous work renders, via the 
work for others (i.e., potential human users, if any) more informal. 

Finally, this paper wanted to recall that the language of mathematics remains the 
only way to clear up ambiguities inherent to natural language, the only way to specify 
and control the real achievements of a deductive science. Constructive Matcfiing 
9^etfiocCoCo£y (as an approach to ‘EM) is built as a such science; this also means that 
the use ofa particular form of inductive reasoning involved is, in some well-specified 
sense, rendered justifiable even in this deductive environment. 
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Intelligent Systems Must Be Able to Make Programs 
Automatically for Assuring the Practicality 



Takumi Aida and Setsuo Ohsuga 
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Abstract. This paper discusses an important issue on the intelligent 
systems to solve large scale problem, especially on the way of making 
computer programs automatically. Since an activity that human beings 
design a problem solving system is a kind of problem solving, a new 
modeling scheme that can deal with multi-level structures is necessary for 
representing problem solving itself. A large scale system used repeatedly 
should be a procedural program and not exploratory one. A method of 
translating modeling results into a procedural program is proposed in 
this paper. 



1 Introduction 

Computer systems are required to solve various problems. It is considered for an 
intelligent computer system necessary to satisfy at least the following require- 
ments; autonomy, practicality and generality [1]. 

The issue of difficulty in developing large scale softwares is raised. This paper 
suggests the method of making problem solving systems automatically and of 
converting results into programs, including a new modeling scheme for repre- 
senting multi-level concepts [2] [3]. 

2 Problem solving method following human way 

There are many types of problems such as analysis, design, control and decision 
making. Human beings solve these problems with a general method known as 
the scientific method today. It is represented formally and realized in a computer 
system. This section provides an outline description of the method. 

2.1 Exploratory problem solving 

Problems can be solved with such steps as follows; (l)to represent the problem 
explicitly, (2)to analyze and evaluate whether the representations satisfy the 
given requirements, and (3)if not, to modify the representations. This process is 
repeated until the goal is reached [4]. 

In order to apply this method to computer systems, the each operation in 
the steps require the specific knowledge base and a special knowledge base is 
used for controlling operations or guiding the exploration. (see Fig.l). 
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Fig. 1. Exploratory problem solving 



2.2 Problem model 

Problem model plays an important role in this scheme. At the incipient stage of 
this process, a problem is represented in a proper model by externalizing person’s 
idea. 

A modeling scheme to represent any object in the world must be defined. It 
is desirable that a single scheme can generate different type of object models [5]. 
Models must include such information as structure, functionality and relation. 
The structural information composes hierarchical structures or graph structures. 
There are the relations between not only the nodes of the structures but also 
the functionalities of the nodes. 

In order to generate the system for automatic programming, human activity 
must be included in models, i.e., the modeling scheme must be able to represent 
a subject making an object do something. A computer program is a kind of 
automatic problem solving systems in itself. Therefore a programmer plays a 
role as a problem solving system that is required to design problem solving 
systems. This means that the model representation needs nested structures. Let 
it be called a multi-strata model (see Fig.2). 



3 Multi-Layer Logic (MLL) 

For processing the multi-strata model, a representation form to deal with multi- 
level knowledge architecture is necessary. A language to meet this condition is 
discussed in [6], [7]. This language is an extension of first order logic. The main 
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Fig. 2. Multi-strata model including human activity 



extensions are (1) introduction of a method of manipulating data structures, (2) 
high order predicate under certain restrictions, and (3) their combination. The 
data structure is based on the axiomatic (Z-F) set theory and the language has a 
capability to define a new data structure as a compound of the primitive relations 
by a set of composing operations. The primitive relations are; is-a, component-of, 
product-of, power-of, pair-of. The basic form for representing knowledge is, 

{Q,xlX){Qyy/Y) . . . {Q,zlZ)[R{x, y, . . . , z) : - 
Pi{x, P 2 {x, y,...,z)* P„(x, y,...,z)] 

in which Qx etc. denotes either a universal quantifier (V) or an existential quan- 
tifier (3), x/X etc. means x in a set X, * denotes a logical connector, i.e., either 
conjunction (A)or disjunction (V). This expression is read as “For all/some x in 
X, all/some y in T, . . ., all/some z in Z, if the relation Pi and/or P 2 and/or . . . 
Pn hold, then R”. In the following however, the prefix is often abbreviated for 
the sake of simplicity of expressions. 

A predicate is a mapping from a set of variables (cb, y, . . . , z) to either True 
or False (T, F). This mapping can be made by a procedure. A predicate to which 
this procedure is attached for evaluation is named a Procedural Type Predicate 
(PTP). The others are Normal Type Predicate (NTP). The system is designed to 
accept any procedure with its own PTP. When a predicate including a PTP is to 
be evaluated the procedure corresponding to this PTP is evoked and executed. 

Any variable (say x) can be a structural variable to represent a structure. 
In this case X is a set of structures. .For example, if X is a product set of the 
sets Di, D 2 , • • • ) Dmi then x represents a tuple (di, d 2 > • • • > ^m) of which di G A- 
Moreover any variable can be a closed sentence which means a predicate without 
free variable. For example a predicate of the form P(«, . . . , y, 5(u, . . . , lu)) can 
be used. Any of the variables in 5, i.e. u, . . . , it;, must not be the same with the 
other variables in the predicate P, i.e. a;, . . . , y. 

As a combination of these two expansions, any variable can be a structural 
variable of which the domain is a structure of predicates. Using MLL as a knowl- 
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edge representation language a knowledge based system named KAUS (Knowl- 
edge Acquisition and Utilization System) [8] has been developed by the author’s 
group and used for many problems. 



4 Meta-Operation for Multi-Strata Problem Modeling 

Each problem requires its own problem solving method represented by a problem 
oriented structure of knowledge functions. In this structure, the form of multi- 
strata model must be included. 

In order to create this model, general control knowledge apart from the 
problem-specific knowledge must be defined. The following (from R1 to R7) 
are some examples of predicates that makes a problem requirements in the form 
of 2-strata model, which is composed of “5u6ject2” and ^^SubjectV\ and that 
assigns Subject2 and Subjectl to the role of automating the activity Subjectl 
and of solving the problem respectively. 

All predicates should be expressed in disjunctive normal form. This reason 
is taken up in the following section. A predicate beginning with “$” is FTP. 



4.1 2-strata model 

Rl : auto7nateActivity{Subject2, Subjectl^ System) : — 

$getSubjectRequirement{Subjectl, Requirement!), (1) 

generate System{Requirementl, System), (2) 

The terms System and Requirement! denote a system to be generated and the 
requirement given to Subject! respectively. This rule says that a system which 
replaces the lower stratum subject is obtained by, knowing the requirement given 
to it(l), and generating a system to satisfy the requirement (2). This operation(2) 



is defined below. 

R2 : generateSystem{ex'ploration[Subject!, 

Model, Domain), System) : — 

$getObjectRequirement(Model, Requirement!), (1) 

problemType{Requirement! , Type), (2) 

$makeRetrieveKey{Subject!, 

Model, Domain, Type, Key), (3) 

retrieveKnowledge{Subject!, Domain, Key, KC), (4) 

makeSystem(System,KC). (5) 



There are the different rules for generate System by the requirements included 
therein. This is the one in which the requirement to Subject! is to solve a 
problem. KC is an abbreviation of knowledge chunk. The type of problem must 
be identified from the representation of the requirement on Model. First the 
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object level requirement is obtained(l). The problem type is obtained by the 
predicate(2). Then the necessary knowledge chunks are retrieved by (3) (4). Dif- 
ferent rules are retrieved for the different problem types and domains. A prob- 
lem specific problem solving system can be generated including these knowledge 
chunks(5). 

RZ : retrieveKnowledge(Subject2^ Domain^ Key ^ KC) : — 

%getTaskKnowledge[Key^ TaskKnowledge)^ (1) 

$getDomainKnowledg€{Domain, DomainKnowledge)^ (2) 

%includeK nowledge {K C, 

TaskKnowledge^ DomainK nowledge), (3) 

The first predicate (1) takes out the knowledge to define a specified task from the 
global knowledge base. The information on the knowledge chunk is in Key. Since 
the scheme of performing tasks is common to many domains, this task knowledge 
includes knowledge chunks that relate to different domains. The second predicate 
(2) selects as well the domain knowledge chunk. Finally, these knowledge chunks 
are integrated to form the knowledge chunks as required from the given domain. 



4.2 Generating System 



R4 : : exploration{Subject^ Model, Domain^ K) : — 

{incipientM odel[Subject, Model, Domain), (1) 

repeatOperation{solveProblem{Subject, 

Model, Domain), K), (2) 

decomposeActivity{Subject, Model, Domain)). (3) 

I {-^repeatOperation{solveProblem{Subject, 

Model, Domain) ,K), (4) 

make Answer {‘‘non — solvable”)). (5) 



This is a generalized rule to start problem solving. The predicate(2) is to repeat 
the operation inside the parenthesis, i.e., the actual, state-based problem solving, 
by the specified number. K denotes the number of repetitive operation (R6). 
decompose Activity is added(3). When no solution could be found in the specified 



number of repetition K{4), it is reported(5). 

Rb : solve Problem{Subject, Model, State, Domain) : — 

{analize Model {Subject, Model, State, Domain), (1) 

$satisfyModel{Model, State)). (2) 

I {-^satisfyModel{Model, State), (3) 

modify Model {Subject, Model, State, Domain, Modeli), (4) 
solve Problem{Subject, Model!, State, Domain)). (5) 
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First, the model is analyzed(l) and examined whether the model can satisfy 
the requirement (2). If not(3), the model is modified(4) and the process is re- 
peated(5). 



R& : r€peatOp€ration{solveProblem{Subject^ Model, 

State, Domain), K) : — 

(ix/integer[l, K]) (1) 

[solveProblem{Subject, Model, State, Domain), (2) 

$countAndTest{x)]. (3) 

This rule controls the repetitive operations. The repetition number is checked 



by (3) based on the variable defined in (1). 

R7 : analyze Model{Subject, 

y{Model,V alue). Domain, System) : — 
$create2StrataModel{Subject2, 1, Subject, Model), (1) 

$defineRequirement{ 

automaticActivity{Subject2, Subject, System)) (2) 

$de fine Requirement { 

analyzeM odel{Subject, y(Model, Value), Domain)) (3) 

evoke Subject {Subject, ♦) (4) 



The predicate represents a general analysis operation including the selection of 
a method among many possibilities. It makes a structure of a 2-strata model 
by creating a new highest stratum subject, Subject2, and gives it a require- 
ment automate Activity (2). Moreover the rule gives the lower stratum subject 
the requirement analyzeM odel to obtain a specific analysis function to be ex- 
ecuted using the selected knowledge chunk (3). Then the Subject2 is evoked 
(4). It executes the requirement automate Activity again but, since the require- 
ment included in the automate Activity is different from the one used before, the 
different rule for generate System is needed. 

5 Automatic Programming for Assuring Practicality 

A problem-specific problem solving system must be more practical than a sim- 
ple system including all knowledge in a flat structure. An exploratory problem 
solving system is powerful but is not considered efficient enough. A procedural 
program is more practical if a problem can be solved algorithmically and the 
operation is repeated many times. 



5,1 Problem which can be represented in the procedural form 

Problems can be classified into programmable class and the others. A charac- 
teristic of a problem decides whether the problem can be represented in the 
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procedural form or not. For the programmable class the models do not change 
during problem solving and the program makes a solution to an input in the 
deterministic way. The other problems need an exploratory problem solving. 
The task of programming is an exploratory problem in itself. Even if an object- 
level problem needs exploratory operation, its programming is still possible if 
the scope of searching solution is limited to the finite set. But a program needs 
the operation of selecting one from the set of alternatives, i.e. an inference oper- 
ation. A program including run-time inference is usually inefficient. Compiling 
knowledge in advance and embedding its results into the program can make 
such programs faster. This type of problem can be the object of the automatic 
programming. 

In other cases for dealing with the infinite alternatives, to represent problem 
solving in the form of procedural program is difficult because it implies unknown 
knowledge in the execution of the program. In this cases it is better to use a 
declarative form of expression with an inference engine. 



5.2 The representation of the task of programming with 
multi-strata modieling 

If a problem belongs to the programmable class, the multi-strata modeling makes 
automatic programming possible. The highest- and the second-stratum subjects 
of the model are given the requirements ^automate activity^ and ^make program* 
respectively. The lowest stratum subject has already been given the problem- 
specific requirement. The highest stratum subject generates a system for making 
program for this requirement. A higher stratum subject conducts its processes 
by the first and the second step; on the first step the subject generates the 
representation of the program structure by solving problem and on the second 
step the subject convert the solution structure into a program code. 

The first step can be divided into three operations in detail. (1) to select one 
(or more) instance input. (2) to find its solution. (3) to generalize the solution. 
The first step above is the problem dependent, i.e. requires the problem-specific 
knowledge chunks. On the other hand, the knowledge chunks using on the second 
step is common to all cases. 



5.3 Generating a program code 

An automatic programming system must be able to generate very complex pro- 
grams. First of all components of a program structure is clarified, and the way 
to represent the each component in knowledge is defined in the following. 



Structural components of program A complex program is composed of sim- 
pler programs, the simpler programs are constructed from a limited choice of 
structural components such as sequence, branch and loop. Thus the system must 
be able to represent these structural components and to generate any complex 
program structure by means of these components; (1) subroutine call, (2) branch. 
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(3) loop, and (4) database access. Because of the rack of the space, the detail of 
the explanation is abbreviated. 



Knowledge representation suited for programming The exploratory prob- 
lem solving system can find a sequence of predicates to reach the goal from the 
given problem. In order to generate a procedural program from the sequence, a 
special way of knowledge representation is necessary. 

Some basic operations like branch are represented by two or more separate 
rules. Integrating these separate rules into a single form can simplify to translate 
the basic operations into procedural form. 



Generation of a sequence of predicates as a source of programming 
In order to generate a sequence of predicates for automatic programming, the 
problem is solved by exploration and a deduction tree composed of the related 
predicates in the knowledge is produced, then tracing the problem solving can 
extract the succeeding path from the tree. 

A program is required to be able to accept every instance in the scope of 
the input. One way to assure this is to try to solve this problem including the 
variables. This approach is not always successful because different instances may 
require different processing. 

The other way is more effective. That is to generate an instance problem by 
specifying the constant value for the variable and solve the instance problem. 
The deduction tree produced by solving the instance problem is similar to or 
at the least a subtree of the tree for the general problem. If the form of given 
knowledge is not disjunctive normal form, the deduction tree of the instance 
problem can not contain all conditions and not be applied to generalizing the 
instance tree (see Fig.3 and [9] [10]). 

The deduction tree is generalized with studying the difference of the domains 
of the variables between the instance problem and the general problem and with 
matching the unifiability conditions for the predicates in the tree. For ease of 
explanation the case of single variable is shown here. Let the original query, the 
rule and the deduction be represented (Q,x/S)F{x), {Qtx/T)[F{x) : —G{x)] 
and (Qrx/R)G{x) respectively in which (Q,,5), (Qt,T) and (Qr,R) are (the 
quantifiers, the domains of the variable x) of the query predicate, the rule and 
the conclusion respectively . The unifiability conditions are displayed in Table 
1 . 



Transformation into a procedural program After the general tree is build, 
it is transformed into the procedural code. Every predicate at the node in the 
tree is processed one by one from the top node as follows; 

(1) For every variable in a predicates, its type and scope are declared. 

(2) Identify the predicate type such as procedural predicate / loop / branch / 
database access. 
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AND 





Fig, 3. Disjunctive Normal Form can cover aU conditions in the deduction tree. 



(Qt,T) Unifiability Condition 



(V,5) 

( 3 . 5 ) 

(3.5) 

(V.5) 



(V.T) 


SCT 


(V.5) 


(V.T) 


S n T(= Z) ^ empty 


(3.^) 


(3.T) 


SDT 


(V.T) 


(3.T) 


None 


(-.-) 



Table 1, Inference rule of MLL 



(3) Replace the procedural predicates with their accompanying procedure to 
generate the procedural program. 

(4) For a loop type predicate, the loop type is analyzed and introduced for a 
specific structure with the additional operation if necessary, and the subse- 
quence generated from the subtree is embedded in the loop. 

(5) For a branch type predicate, a branch command is prepared, and the subse- 
quences generated from the subtrees are combined with the branch. 

(6) For database access, a generated access sequence is replaced the predicate. 

6 Conclusion 

This study has discussed the way to produce programs automatically. Moreover, 
it is instructive to consider that very large scale problems need decomposition 
into smaller problems[ll]. The problems can be classified into two classes; pro- 
grammable and non-programmable. The problems in the first class can be solved 
by computer and be translated into programs. The method presented in this pa- 
per can enlarge region of problems solving task to be assigned to computers, and 
reduce the task of people. 

The experiments of this translation are carried out and still continuing. For 
further experiments. Genetic Algorithm, as one of exploratory problem solving 
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methods, will be the aim of the experiments. The way to evaluate/modify mod- 
els of Genetic Algorithm is algorithmic and different from those of rule-based 
exploration. If these can be represented by rules, a problem solving system with 
Genetic Algorithm is produced automatically. 

It is expected that this method can be used to generate large scale problems 
and resolve software crisis with future [12]. 
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Abstract. This paper describes the development and validation of a 
knowledge-level model of concurrent design. Concurrent design is 
characterised by the extent to which multidisciplinary perspectives 
influence all stages of the product design process. This design 
philosophy is being increasingly used in industry to reduce costs and 
improve product quality. We propose an essentially rational model for 
concurrent design using CommonKADS and report on our validation 
of the model through studies with designers. 



1 Introduction 

A number of models of design exist, generally falling into one of two paradigms; the 
rational design approach [1], [2] or the reflective practitioner approach [3]. Models 
within each of these design paradigms rely, to a greater or lesser extent, upon 
studies of designers in practice. 

Concurrent design is an approach to design which seeks to incorporate a number of 
different life-cycle perspectives relevant to a product at the product design stage e.g. 
manufacture, assembly, recylclability [4]. Concurrent design is distinguished from 
collaborative and simultaneous design by the high degree of multidisciplinarity that 
exists in the design team [5], [6]. It is possible to formulate models for concurrent 
design within either of the paradigms above. However, as far as we have been able 
to establish, the models and support tools that currently exist for concurrent design 
are firmly situated within the former paradigm. 

This paper proposes a ‘rational’ model for concurrent design and describes our 
attempt to validate it on the basis of studies with several designers. We have studied 
designers at work and have abstracted protocol and interview transcripts, re- 
representing them in the style of concept graphs in a way which allows us to 
approach the formalism of a KADS expertise model [7]. The initial models, 
obtained from transcripts, use the vocabulary of the designers in order to allow us to 
discuss the models with them in follow up interviews. We then abstract from the 
descriptions of the individual designers to develop a model which we compare with 
our originally proposed model. 
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2 Models Of Design 

A number of models have been developed to enable machines to contribute to the 
design of artefacts. Kruger and Wielinga [8] suggest a design problem is specified in 
terms of functional requirements, non functional requirements and constraints. They 
suggest that solutions to most industrial design tasks are generated through a process 
of ‘decomposition - solution - recomposition’. Chandrasekaran [9] views the design 
process as a series of sub tasks: propose - critique - modify. A number of models of 
the critiquing step have emerged [10], [11], [12] and approaches based upon 
multiple domain critics have been proposed [13], [14]. Klein and Lu [15] look at 
deadlocks that can occur when different experts offer conflicting critiques of a 
design. Werkman [16] explores negotiation as an aid to resolving such conflicts, 
Molina [17] reviews computer aids to the simultaneous engineering process. 

Smithers [18] is critical of most knowledge-based systems which support design 
suggesting that, in the absence of any useable theories of the design process, they 
are characterised by what computer programs can be made to do, rather than what 
really goes on when professional designers design. He argues that what is required 
are knowledge-level theories of design which are developed with reference to 
lessons learned in the field of knowledge engineering. Research which seeks to 
achieve this is ongoing and is acknowledged to be at an early stage, both in terms of 
determining appropriate methodologies [20], [21], [22] and developing models 
which span the diversity of design practice [23], [24], [25], [26]. 

3 CommonKADS Models For Design 

CommonKADS considers design to be a synthetic task. The original KADS model 
for design seems to correspond closely to design models presented in established 
design texts [1], [26]. KADS also includes two refinements of the design task, 
hierarchical and incremental design. The CommonKADS models for design view the 
activity as having two distinct phases [27]. Analysis is seen as translating the ‘needs 
and desires’ of a customer into requirements; a form of requirements engineering. In 
practice, concurrent design relates mainly to the synthesis stage and so determines 
the focus of the work reported here. 

3.1 Existing CommonKADS Design Task Models 

Bemaras and Van de Welde [27] develop design models viewed from three different 
viewpoints. From the user requirements dimension they present models for routine, 
innovative and original design. From the types of static design knowledge available 
they outline models for case based design, transformational design, decomposition- 
based design and generic model. From the construction dimension they consider 
allocation, configuration and parametric design. Kingston’s [28] model for 
exploratory design is analogous to the CommonKADS model for original design - 
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i.e. the requirements for the design evolve in parallel with the design synthesis 
process. 

Bemaras and Van de Welde [27] characterise a problem statement as abstract 
customer ‘wants’ (needs and desires) which are refined to criteria (requirements 
descriptions) and then further refined to constraints (problem statements). In the 
engineering field, it is believed that constraints are not merely formally expressed 
criteria, they are subtly different entities. The distinction between functions and 
constraints may be hard to pin down [9]. We share the view of a problem statement 
as containing functions (criteria which dictate what the design solution must comply 
with) and constraints (which dictate to an extent how the design solution is 
achieved). 

Constraints may be customer dictated or emerge from life-cycle perspectives. These 
can be termed external and internal constraints respectively. (The latter may be 
compared with Lawson’s definition of internal constraints [29].) Internal life-cycle 
constraints are key to the concurrent approach in that they represent how 
downstream perspectives can affect the design. 

3.2 Concurrency And Existing Models For Design 

The CommonKADS and other design models discussed so far do not explicitly make 
any reference to the concurrent consideration of conflicting constraints on the design 
process [8]. Maher considers design evaluation, but this is concerned with checking 
how a partial or fully specified design complies with the expected performance of 
the design. Kingston's model [28] addresses the issue of design constraints being 
evaluated, however this appears to be after a complete design has been generated. 

The essence of concurrency is that diverse, often conflicting, constraints are 
evaluated continually as the design evolves. Analyses of designers working in 
industry suggests that designers do work in a concurrent manner Sonnenwald [25] 
although Kruger and Wielinga [8] would suggest that this impression may be 
deceptive. We have been unable to find any specific reference in the literature to 
knowledge-level models for concurrent design. 

On the basis of existing models, together with discussions with academics, and 
analysis of the available design literature, we have developed an essentially rational 
model for concurrent design which we have subjected to validation. 

4 A Knowledge Level Model For Concurrent Design 

A task model for concurrent design must make explicit how internal downstream 
perspectives influence decisions during the design process. It is believed that an 
‘idealised’ concurrent designer or design team work in the following way :- 
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• With knowledge of previous designs and the product specification, the designer 
proposes a solution (or a partial solution). This modifies the current design 
model in some way to give the ‘advanced’ design model. 

• The proposal is then critiqued from a number of different concurrent 
perspectives. The output from critiquing consists of further internal life-cycle 
constraints which were not documented in the design specification, an indication 
of whether or not the proposal is acceptable, and the critique itself 

• A phase of negotiation then determines which additional functions and 
constraints will reformulate the design specification and a new series of design 
proposals are then made. 

Concurrent design can therefore be seen as a cycle of subtasks; ‘propose - critique - 
negotiate’, with a revised, ‘advanced’, design resulting from each cycle. The model 
which emerged from our analysis is given in Figure 1. The negotiation process 
updates the current design problem with new constraints (derived from the critiquing 
process) and/or new functionality (which comes from the initiator of the design). 




Concurrent critiquing pinpoints additional internal constraints and so differs from 
the ‘critiquing’ defined by Chandrasekaran [9] and Goel [30] who view it as 
unearthing missing functionality in a completed design. In the next sections we 
describe how our model was subjected to validation by assessing the degree to 
which it accords with the practice of concurrent designers. 

5 Methodology 

Validation and refinement of the proposed model (Figure 1.) has proceeded by 
analysing design activity of three manufacturing companies and of two consultant 
industrial designers. All consider themselves to be operating in line with concurrent 
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engineering principles. Although all are designing within the context of mechanical 
engineering, the nature of the products manufactured differ significantly. This 
enhances our confidence in the generality of the model we develop. 

A number of techniques are available to capture and analyse an expert’s problem 
solving behaviour. In particular, protocol analysis is seen as a valid approach (given 
awareness of some limitations) [20]. Our chosen method has been to both observe 
and to conduct focused follow up interviews with designers and other personnel 
involved in product design. The resulting protocol and interview transcripts have 
been used to generate graphical descriptive models. In early follow up interviews, 
the established KADS models for design and our proposed model for concurrent 
design were used to stimulate discussion and clarify designers understandings of the 
modelling process. Subsequently, the designers have discussed and refined the 
models constructed from their transcripts. These have then been abstracted towards 
models which use more established KADS terminology. The observations and 
discussions took place in the workplace. Designers were encouraged to work in as 
normal a manner whilst verbalising about information that they were considering. 

In order to enable the designers to relate directly to the graphical representations of 
the models, the vocabulary of the transcripts is used to label the graphs. We found 
this important in facilitating comment on the developing model. As an example, the 
graph in Figure 2 was derived from a transcript of a recorded session with an 
industrial designer and was verified in subsequent discussion. It shows his model for 
the overall design process. Some of the subtasks represented are not simple 
inference steps. ‘Inform’, ’model' and ’produce’ have their own inference structures 
and these were explored at follow up meetings with the same expert. Using the same 
example, a task structure for 'model’ was further explored with the designer and this 
is illustrated in Figure 4. 
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The designer uses the term ‘model’ in both Figures 2 and 4, however he considers 
them to be different, the model in Figure 2 being more all encompassing than that in 
Figure 4, The ’model’ subtask identified in Figure 4 is iterative in nature. Clearly, at 
this stage we are still using the vocabulary of the designer to label the graphs. 

6 Generic Models From The Case Studies 

Having used the designers’ own language to verify the graphs obtained from the 
transcripts, we have then abstracted from these graphs towards a generic model, 
mapping the designers’ informal linguistic terms onto more established KADS 
terms. 

6.1 A model for concurrent design 

Again, by way of example, the subtasks ‘inform’, ‘model’ and ‘detail’ in Figure 2 
have been mapped to the terms ‘analyse’, ‘develop’ and ‘refine’. Similarly, ‘Current 
Brief, ‘3D CAD model’ and ‘Detailed Master Drawing’ correspond to the roles 
‘formal specification’, ‘conceptual model’ and ‘detailed design. Not all mappings 
are as unproblematic. The input roles to the ‘inform’ step in Figure 2 do not simply 
map on to informal specification. Whilst ‘American Market’, ‘Background 
Research’ and ‘Existing Products’ can be related to a market driven ‘informal 
problem statement’, ‘Technology - GRP’ was found to represent both a life cycle 
constraint and an early commitment to a particular technical solution (the role 
‘Clear concept’). At the stage of developing the formal specification, a technical 
solution is clearly already in the head of the designer. 

Based on analysis of the transcripts of all of our designers, it is possible to abstract a 
generic model for the concurrent design process. This abstract model, shown in 
Figure 3, shares similarities with the KADS model for design but additional 
knowledge roles input to the different subtasks are identified. Concurrent constraints 
impinge on the design process in a three pronged manner. 

At an early stage of the design process (specification development and early 
conceptual design) the designers seemed to use their own knowledge of these 
external constraints to guide them. The designers have a general working knowledge 
of manufacturing, assembly and other constraints and use this knowledge to guide 
them utilising some form of ‘internalised’ critiquing to evaluate a design. It seems to 
be in the later (synthesis) stages that the designer draws most heavily on the 
expertise of others in the team. 
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Every time the current design solution is advanced critiquing of the evolving design 
occurs as a feature of both ‘generate and ‘detail’. The expansion of these two 
subtasks then follows a process of ‘propose - critique - negotiate’ and this is 
characteristic of concurrent design. 

6.2 ‘Propose - Critique - Negotiate’ 

By focusing on the designers’ understanding of ‘propose - critique - negotiate’ 
(Figure 4 represents the graph obtained from one such designer) we have attempted 
to arrive at a model for this process. For example, in Figure 4 one designer generates 
a number of ‘Design answers’ from the ‘Current brief and then outlines the 
problems he sees as inherent in the ‘Design answers’. (The ‘Pivots and attachments’ 
role could be seen as part of the ‘Design answers’ role although the designer has 
highlighted these as separate roles because he perceives them as important). There is 
clearly a phase of ‘propose - critique’ on the designers part before the ‘model’ task 
is used to transform the given ‘Design answers’ into a ‘3D CAD Model’. There is 
then another phase of critiquing where the ‘3D CAD model’ is critiqued from 
different life cycle perspectives (‘Assess’, ‘Manufacture evaluation’ etc.) and a 
number of conflicts and constraints (‘Clashes in assemblies’. Manufacture problems 
etc.) are outlined. Also, the ‘invent’ subtask, introduced to overcome the CAD 
modeller constraints, can be seen as a applying ‘propose’ methods to the design 
tools and techniques as well as the product of the design. 
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From transcript graphs such as those in Figure 4 and from transcripts of interviews 
with our designers, we have established that further concurrent constraints 
introduced by critiquing do not always imply some negotiation phase to update the 
brief but these extra constraints may simply act as input roles to a process of 
amending the current design model. 

From the analysis illustrated above it is possible to formulate a more generic model 
to show how downstream concurrent constraints impinge on the design process in 
the expansion of ‘generate’ and ‘detail’ of Figure 3. This is shown in figure 5. 




The terminology used in Figure 5 is designed to encompass the terminology derived 
from the different case studies, i.e. ‘propose’ encompasses ‘develop’, ‘generate’ 
etc., ‘critique’ encompasses ‘assess’, ‘evaluate’ etc. Figure 5 shows that a design 
proposal is subject to critiquing from different perspectives to outline potential 
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problems inherent in the design proposal from that perspective. These are expressed 
as constraints. There is then a complex process whereby the design proposal is 
altered on the basis of these ‘design problems’. The case studies generally use a 
term such as ‘alter’ or ‘modify’ to cater for this process. However it is clear that 
there must be some form of negotiation to determine which constraints are allowed 
to influence the next ‘propose’ cycle. This negotiation process takes the ‘key aspects 
of the design’ as an important input role, resulting in constraints which are allowed 
to influence the next ‘propose’ process. However, how these additional constraints 
then influence the next propose step is not yet evident and open to debate among 
designers. 

Inference diagrams alone do not readily convey some of the temporal features of 
design activity. For example, we found that internal life-cycle constraints were 
given different weight as a design evolved. One design consultant felt that a 
preoccupation with manufacturing and assembly constraints at an early stage could 
limit his freedom. However, he did like to know what these constraints were at an 
early stage so that any conceptual design produced was ‘informed’ by these 
constraints (i.e. the designer does not want to produce ‘ridiculous’ designs which are 
‘impossible’ to manufacture and assemble). One of the companies in the study 
purposefully avoided considering downstream internal constraints at the conceptual 
design stage as it is felt that this limited the designers creativity. 

7 Conclusion 

Internal (life-cycle) constraints play an important part in the concurrent design 
process. Further it is believed that the design evolves via a process of ‘propose - 
critique - negotiate’ both at the stage where a (revised) conceptual design is arrived 
at and in the detailing of that conceptual design. This process is used to unearth and 
assess additional internal constraints during the design process. At the early stages 
of design, it is the designer themselves who applied this thinking on the basis of 
their knowledge and past experience. It is only later on that the designer draws upon 
the concurrent design team. 

A refinement of the KADS model for design has been proposed which explicitly 
incorporates features characteristic of concurrent design. These are knowledge of 
downstream, life-cycle constraints and expansion of the ‘generate’ and ‘detail’ 
inference steps in such a way as to reflect the process of ‘propose - critique - 
negotiate’ that the design teams use. The model has been partially validated by 
analysing the activity of designers and consultants working in industry. 

We believe the concurrent design model presented represents the design processes 
currently used by small to medium mechanical engineering enterprises. 




66 



8 Future Work 

We wish to clarify the negotiating strategies designers and concurrent design teams 
utilise to determine how internal constraints are allowed to affect the design and to 
explore the way in which constraints are not ‘one way’ in that designers push 
against constraints e.g. by influencing the development of, or extension to, the 
capabihty of a manufacturing processes. 

We also wish to analyse the differences in approach between the companies and 
designers we have worked with. Differences are believed to depend upon a range of 
human and sector specific factors. 
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ABSTRACT We present techniques for design and implementation of software 
systems with AI and concurrent S.E. techniques. The stages of conceptualization, 
design and implementation are defined by AI methods. Software systems are 
proposed to be designed through knowledge acquisition, specification, and multiagent 
implementations. Multi-agent implementations are proposed to facilitate a fault 
tolerant software design methodology, applying our recent research that has lead to 
fault tolerant AI systems. A particular approach to and an AI formulation of 
designing fault free and fault tolerant software is presented, which is based on the 
agent models of computation. Design with objects and a novel multi-kernel approach 
is presented. A system is defined by many communicating pairs of kernels, each 
defining a part of the system, as specified by object level knowledge acquisition. An 
overview to agent morphisms and algebras are presented and 
applied to the design. 

Keywords Concurrent Software Engineering with AI Agents, Multi Agent AI 
Techniques, Abstract Multi Agent AI Design, All, Agent Morphisms 
Project_METAAI @ CompuServe.com 

Copyright © Photo reproduction for noncommercial use and conference publications 
is permitted without payment of royalty provided that the copyright notice are 
included on the first page. 

Correspondence P.O. Box 278, Cardiff By The Sea, CA. 92007, USA 
USA Academic Address UCSB when at University 



1. INTRODUCTION 

Techniques are presented for design and implementation of fault tolerant software 
systems with new trends in artificial intelligence. Software fault tolerance is an area 
of crucial importance to which we claim AI techniques might be applied gradually to 
solve real problems encountered in fields such as intelligent systems, aerospace, 
robotics, etc. In fact one of the reasons that traditional software design 
methodologies(see [1], for examples) do not account for a fault tolerance is the lack 
of a coherent fault-tolerant Al/software methodology. It is difficult to design software 
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that is fault tolerant without a degree of intelligence built in to the design techniques. 
Defining software fault- tolerance with AI techniques is new [12,10], while there is a 
well-defined discipline of fault tolerant computing in general(see for example 
[8,9,51). Thus the AI approach presented in this paper could be considered a new 
trend. AI system designs go through the stages of Conceptualization , Design, and 
Implementation Each of the stages has to be approached in ways that minimize 
human error and enable the designed system to automatically recover from faults. 

In the present paper software design is viewed as a methodology that commences 
with a knowledge acquisition phase, followed by a specification phase, and concluded 
by a system realization phase. The present approach defines knowledge acquisition 
for software fault tolerance, system specification for fault tolerant software (FTS), 
and system realization for fault tolerant software systems. Knowledge acquisition 
includes exception knowledge as an essential component, as does system 
specification. System realization is by independent concurrent computing agents. 

The present paper defines FTS by a pair of systems, each consisting of many 
computing agents. The two systems are mutually synchronized to enable fault and 
exception handling and recovery in an automatic manner. The paper also presents AI 
techniques for implementing FTS. The proposed methods have been pointed out in 
the context of problems that concern human error and expert judgement in AI in a 
brief by this author [12]. 

2. KNOWLEDGE ACQUISITION AND SPECIFICATION 

The initial phase of designing fault tolerant software (FTS) is to present the design in 
form of a specification[2]. The approach here is to start with a knowledge acquisition 
phase. This requires either interviewing an expert, brain-storming with a group of 
experts, or structuring one’s thoughts if the specifier is the expert. We present the 
notion of Fault Tolerant Knowledge Acquisition (FTKA) in this FTKA is formulated 
to deal with the conceptualization stage. This is a crucial stage to the design of a FTS. 
The techniques as they apply to the requirement specification problem are further 
developed by the author in [3]. It requires the user to inform the specifier as to the 
domains that are to be expected, i.e. what objects there are and what the intended 
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actions (operations) on the objects are, while fully defining such actions and 
operations. The actions could be in form of processes in a system. The relations 
amongst the objects and the operations (actions) can be expressed by algebras and 
clauses, which the specifier has to present. 

Thus specification are triples <0,A,R> consisting of objects, actions and relations. 
Actions are operations or processes. However, the problems of abstraction [1], object- 
level programming, and agent view of AI computation are the important components 
of inter-play in the present paper. A structural design technique with objects is 
defined to address knowledge abstraction[4] problems. FTKA has some additional 
requirements to be put forth here. The requirement is that each object to be defined 
has to have a dual definition in terms of the actions that are taken for exception and 
recovery. Thus at the knowledge acquisition phase the expert is to state all exceptions 
to actions and what recovery and corrective actions are to be carried out. Thus for 
each action on an object a dual action is to be supplied through FTKA, such that a 
specifier can fully define the effect of the dual actions. Thus the exception and fault 
actions are fully specified in each case. The reader might ask how such dual 
conceptualization can be conceived in design. The way design proceeds as viewed by 
the present approach, is to identify objects actions and relations defining 
functionality. When defining actions on objects the specifier must have a set of 
preconditions to check before an operation or action is permitted. Such set of 
preconditions then automatically form a set of processes to check for validity of an 
operations. This implies that a dual set of actions are to be defined on the objects that 
can take the failure of a precondition and define the alternate recovery actions or 
remedial actions that are to take form on the objects. This is illustrated by the 
example in section 4. 

3. MULTI-AGENT REALIZATION OF SYSTEMS 

The term "agent" has been recently (see [6], for example) applied to refer to AI 
constructs that enable computation on behalf of an AI activity. It also refers to 
computations that take place in an autonomous and continuous fashion, while 
considered a high-level activity, in the sense that its definition is software/hardware. 
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thus implementation, independent [1]. Such functionality is typical of what is 
required to implement complex autonomous planning systems[2]. Agents are in most 
cases informable, thus allowing message passing actions. Thus cooperating expert 
systems can be viwed as simple examples for the agent models of AI systems. We 
can define fault tolerant software systems designed by AI methods as intelligent agent 
architectures [6], with external behavior that is a function of the degree of message 
passing actions and parallelism conceptualized. The fault tolerant specific 
architectural issues are dealt with further in the next two sections. Since our 
specifications consist of objects, actions, and relations defining the effect of actions 
on objects, it is not difficult to show that they can be implemented by a collection of 
active agents that communicate through their operations, parameters and messages as 
conceived by the FTKA phase. The specifications <0,A,R>, once expanded further, 
are in fact of the form <0,(A,F),(RNA,RFA)>, where A is actions, F is faults, and 
(RNA,RFA) their respective relations, NA for normal action and FA for fault action. 
In the example of the next section many objects and their fault functions are 
presented. Now we present a necessary twin-engine turbojet <FTN,FTF>, consisting 
of FTN := <0,A,RNA> and FTF:= <0,F,RFA>, for FTCS with AI techniques. Each 
of the FTN and FTF consists of agents that are mutually, often pair-wise, informable. 
<FTN,FTF> defines a pair of systems, each consisting of a collection of objects, 
actions and relations. Actions could be in form of operations or message 
communication from one object to another. In other words, a collection of computing 
agents forms FTN and a dual collection forms FTF. This defines a concurrent 
collection of systems that can be realized by agents that logically or physically be 
thought of as running on several microprocessors. The degree of fault tolerance is a 
function of the intelligence of the agents implementing the <FTN,FTF> pair. The 
agents have incomplete information about the immediate needs of activating other 
agents or exceptions. Thus the efficiency and fault tolerance of our software systems 
are a function of the degree of intelligence we build in the implementing agents. The 
agents must have some reasoning ability to make transition or message passing 
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decisions. This approach allows us to design systems that can deal with unplanned or 
erroneous behavior in an AI system. 
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In the figure above the agents ai are implementing functions that are defined on the 
objects. The next step is defining the <FTN,FTF> from the fault tolerant knowledge 
acquisition (FTKA) inputs. Its realization consists of a pair of communicating 
systems to be defined in the following sections (see figure). This approach has a 
mathematical computing model, to be presented in subsequent future expositions, 
consisting of an algebra of processes and objects. Preliminary theoretical papers have 
been written by this author during the current year, supporting the computing 
techniques applied here. 

4. AN AUTONOMOUS MULTI AGENT DESIGN PROBLEM 

In this section we take the reader through the design stages of a typical autonomous 
system for real applications involving many modules of independent functionality. 
The method of design an implementation by multi agent AI techniques is then 
illustrated. A typical complex problem domain is the design of autonomous space 
flight system. The AI- Aerospace expert is presented with a stack of documents, often 
volumes of textual narrative description of a system from the point of view of an 
aerospace scientist or engineer. From these volumes the expert is to come up with a 
set of functions, each corresponding to a space flight module, and then to define how 
the modules interact and function together, by defining some operations amongst the 
modules. The modules are each complex hardware-software systems, best thought of 
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as a microprocessor with its own running software, that implements the functionality 
of the module as extrapolated from the design process. 

Let us view one sample set of modules: M1-M8, each representing a functionality Fi, 
respectively. 

Ml: Thrust Control; M2: Stage Control; M3: Orbit Selection; M4 : Attitude Control 
M5: Flight Deck Control; M6: Sensors; M7: Obstacle Avoidance; M8 

Communications; M9: Docking Functions 

We present the implementation of one of the modules, Ml, for the reader, the 
function FI that is to realize Ml. To define the thrust control there are a number of 
parameters that come to play that are hardware implied data or functionality related 
requirements. These are to be specified and then implemented by AI agents. Each 
function defined on the object corresponding to Ml is specified with a set of 
preconditions that imply coobjects to be defined for exception and recovery if the 
preconditions fail. 

Object:= Thrust Control = <TCN, TCF> corresponding to normal and fault coobject 
Ops:= Throttle Level Up (TLU) I Throttle Level Down (TLD) 

Preconditions to be defined are on the following objects or parameter set (PS): 
{velocity, acceleration, attitude and tilt level, trajectory, control panel, obstacle 
encounters}. An operation TLU on the object Ml, thrust control = <TCN,TCF>, is 
preconditioned by the above parameters that are implemented by functions that are 
defined on the coobject TCF to check for faults and exceptions. For example, when 
defining TLU the designer must keep in mind a velocity preconditions relative to the 
various parameters, that must be realized by a function defined on the coobject. 

That function, let us refer to it by velocity check (vc) is a process that always checks 
the velocity to make sure it does not exceeds limits. Similar fault functions are defend 
for all the parameters in the set PS. Thus on the object TCN there is an operation 
TLU and on the coobject TCF there is an operation vc to implement velocity check 
preconditions for normal functioning of TLU. Each of the functions defined on the 
object or coobject are implemented by many agents. For example, when the velocity 
check function is invoked one or all of the following set of functions get activated. 
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An agent veal is invoked to signal Ml to activate some level of TLD, while checking 
with agents running off of panel and sensor readers. It also signals flap controllers if 
space craft is at stage where flaps are effective, to try to recover from hazardous 
conditions. If all fails it activates agents that are to implement automatic thrust 
control to bring velocity to acceptable levels. Similar set of agents are implementing 
for acceleration, attitude and tilt levels, trajectory violation, and obstacle encounters. 
In each case attempt is made by the coobject functions and their implementing agents 
to recover such that the precondition to an operation on the object is met. In the 
figure below objects are represented as <object,coobject>, where the coobject is a 
copy of the object on which faults and recovery functions are defined. The functions 
are implemented by agents ai, where ai are agents implementing velocity, 
acceleration, obstacle avoidance, or agents that check for limitations of such 
functions. 

5. FTS SYSTEMS AND CONCURRENT FAULT CHECKS 

The above multi-agent realization of the specifications implies design with a pair of 
concurrent systems. Each of the two systems is to be designed with a collection of 
kernels, such that there corresponds a kernel for each specification. A kernel consist 
of the minimal set of processes and objects that can be used as a basis for defining a 
computing activity. This term is analogous to the terminology familiar in operating 
systems concepts. The objects and the operations of one set of kernels once defined 
specifies the FTN, while those of the FTP are defined by the dual kernel. The set of 
kernels defining FTN and FTF are synchronized by cross operations and interact by 
some operations that are implemented by message communications between FTN and 
FTF. These operations are defined to either inform the various processes that are 
mutually dependent or to take the system from an active state in FTN to an active 
state in FTF. Note that when exceptional conditions occur the active state is FTF. 
However, both collection of kernels are considered concurrently "running." 

FTF's major task is that of fault handling and recovery. If fault recovery takes place, 
in each kernel, the active kernel (a collection of agents) for a particular function, will 
be the FTN component, while the FTF component does concurrent checks for further 
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exceptions should they be encountered. In each of the kernels there are objects, 
processes defining the operations, and objects to which there is a corresponding 
function in the other kernel. Thus FTN and FTP are a collection of objects and 
processes. FTN := <{01,<pl,...,pn>},{02,ql,q2,..},...{0n,...},RNA> 

RNA is the set of relations on each object and cross objects. 
FTF:=<{01,<el,...,en}>,{02,<ell,el2,...,elm>},...,{0n,<...>},RF> 

RFA is the set of relations on each objects and cross objects. 

Each of the processes can have a corresponding agent in the dual family. The 
<FTN,FTF> pair in a computing system "run" as a concurrent family of processes. 
Various functions in FTN and FTF are represented by agents that are mutually 
informable across the <FTN,FTF> pair. The overall functionality of the system 
depends on the messages passed across from one agent to another. To each 
specification defined by FTKA there corresponds two kernels running concurrent. 
This is depicted by the following transition diagram. 

6. MULTI AGENT DESIGN AND AGENT MORPHISM 

In [12] we present new techniques for design by software agents and new concepts 
entitled Abstract Intelligent Implementation of AI systems (All). The stages of 
conceptualization, design and implementation are defined by AI agents and 
Mediators [15]. Multiagent morphisms are proposed to facilitate software agent 
design. Objects, message passing actions, and implementing agents are defined by 
syntactic constructs, with agents appearing as functions. The proposed All techniques 
provide a basis for an approach to automatic implementation. Interporatability is 
defined by mediators implemetening objects and agents. All techniques have been 
applied to Heterogeneous KB [13] Design and implementation [14]. The application 
areas include support for highly responsive planning. Intelligent implementation of 
software, i.e., the design and implementation by All techniques is due to be an area 
of crucial importance as the AI techniques are applied gradually to the real problems 
encountered in fields such as intelligent systems, aerospace, AI for robots, and 
various applications. AI systems might be defined by the stages of Conceptualization, 
Design, and Implementation. Flagrant Agent Computing by active agent learning and 
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includes exception knowledge as an essential component an is treated in [14]. The 
techniques are defined for designing heterogeneous software. System implementation 
is by independent concurrent computing agents. AI and software systems are defined 
in the present paper by a pair of systems, each consisting of many computing agents. 
The initial phase of the design of the proposed All techniques is to present the design 
with Mediator [14]. At the knowledge learning phase the expert is to state all 
exceptions to actions and what recovery and corrective actions are to be carried out. 
For each action on an object a dual action is to be supplied through FNK, such that a 
specifier can fully define the effect of the dual actions. As an illustration the 
following trivial example is presented. 

Object: = Coffee_Constellation 

OPS:= Serve_Coffee (Type,Table_no) I 

Serve_Coffee (Spectacular_Brew,n) => Signal an available robot to fetch and serve 
(Spectacular_Brew, table n) 

Exp:= Serve_Coffee (Angelika, Table_no) I... 

Serve_coffee(Angelika,Table_no) => if out_of_Angelika notify Table_no; 
offer cookie <and make use of 
intelligent decision procedures to 
offer alternatives> 

APs := <A trivial example>, many robots appear at a critical entrance at once, 
necessitating FA activity. The above figure is an example mediator instantiation for 
the Stellar Robot Populated Coffeeshop. The present approach, once its theoretical 
basis is fully developed as defined in part by the present paper, consist of a pair of 
complex algebras, connected only by agent message passing. This leaves us an 
exciting prospect for a theoretical development of the <0,A,R> algebras and that of 
the A.I.I. theory. <0,A,R> is a pair of algebras, <Alg[A],Alg[F]>, connected by 
message passing and A.I.I. defines techniques for implementing such systems. New 
multiagent computing techniques were defined at our paper in [17]. 
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7. CONCLUDING COMMENTS 

The approach to multi agent software design presented here has actually been applied 
to challenging practical problems in system design by the present author. Illustrating 
examples are provided to clarify the design methods. The specific techniques have 
been a subject of research by the present author over the 1st few years . The paper 
presented in [10,12] were the start in a series of concept papers crystallizing the field 
Fault Tolerant Artificial Intelligence Systems. Faults and exceptional behavior are an 
essential part of a system and must be thought of at conceptualization time, multi- 
agent implementations is the methodology to be applied to the design of the AI 
systems of the future. The abstract intelligent implementations techniques are further 
defined and developed by this author in [11,12]. Mutliagnet robot supervsion is yet 
another application[16]. 
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Abstract. In this paper we present an approach to model a complex information 
system based on the integration of existing information systems. We emphasise 
on the comparison phase of the integration process in which similarities and 
conflicts between the initial systems must be detected. We show how object 
classes can be compared using behavioural aspects of objects and we discuss 
conflicts that can occur between object classes and we give rules to resolve 
them. 



1 Introduction 

The design of a complex information system (IS) is hard to be carried out by a single 
designer. Rather, it demands the participation of designer teams who may work 
separately and use possibly different design methods. In this way, the global IS 
becomes an assemblage of units (subsystems) endowed with various resources. But 
without coordination between these units, the global IS can not be used in practice. 

Many approaches have been proposed to coordinate information systems work [2], 
[7]. For instance, the method proposed in [7] consists in constructing an agents system 
specialised in information sharing and coordination between systems. Although this 
approach is promising, it seems to us nevertheless too formal and requires the 
elaboration of a number of protocols between agents which increases exponentially 
with the number of agents. 

Our proposition to coordinate the different parts of an IS is to integrate their 
conceptual representations. IS integration is a difficult task since the final IS has to 
satisfy the following properties of: 

• Correctness: The final IS has to contain all concepts present in any information 
subsystem correctly. 

• Minimality: If the same concept is represented in more then one component 
subsystem, it has to be represented only once in the final IS. 

• Understandability: The integrated IS must be easy to understand for the user. 

By taking these suggestions into account, we decompose the integration process 
into three steps: the initial IS sub-parts translation using a unification model, the 
comparison of the subsystems in order to identify the common elements between 
them, and finally the merging of subsystems into a global IS. In this paper, we study 
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only the comparison step which is the most important step in the integration process. 

The paper is structured as follows: section 2 is devoted to present the different 
steps of the integration process. In section 3, we describe the comparison step and 
give some formalisms to compare IS elements. Section 4 presents our conclusions and 
future works. 

2 Information Systems Integration Process 

The integration problem in the IS modelling and design field can be compared to 
schema integration in databases [3], [8], [9] on a higher abstraction level. Indeed, in 
the first case we start the integration from a set of conceptual representations, while in 
the second case the starting point is a set of existing databases. 

Our integration process is carried out in three steps: 

• Preintegration: When dealing with information subsystems modelled with different 
design methods, it is necessary to make their conceptual representations 
homogeneous to be able to compare and then to merge them. Thus, a framework is 
needed to unify the concepts used by the different analysis and design methods and 
to help the cooperation of heterogeneous modules and their reuse. The framework 
that we use is a object oriented generic model called MGC02 [5], [6]. 

• Comparison: In order to obtain a minimal IS after integration, we have to identify 
the elements (attributes, classes, methods,...) which are common to the different 
subsystems. Therefore, we need to determine the correspondences between these 
elements. This task is far from being trivial especially when the number of the 
involved subsystems is significant. 

• Conflict resolution and merging: In this step, the conflicts detected in the previous 
step must be resolved. Then, the subsystems merging can begin. This step gives 
birth to the final IS conceptual representation. It is this representation which will 
be implemented. 

Figure 1 shows the different steps of the IS integration process [6]. In this figure, 
different sub-systems ISl, IS2, ..., ISn are modelled using analysis and design methods 
Ml, M2, ..., Mn. After the preintegration step, each sub-system is modelled in the 
Unification Model (UM). 



Preintegration 

Comparison 

Merging 




Fig. 1. The three integration steps 
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3 Comparison Step 

Once the conceptual representations translation is done, the next step in the integration 
process is to find common elements between the original subsystems. The real word 
semantic of a class is given by the attributes, the methods and the state graphs 
describing the class objects and their behaviour. It follows that we can compare 
classes by comparing attributes, then methods and finally state graphs. 

3 . 1 Example 

Let’s take the example of a complex application ’Clinic’ concerning the data 
management of a clinic. It is decomposed into many sub-applications from which we 
distinguish the two sub-applications ’Administration’ and ’Surgery’ concerning 
respectively the management of information of the administration and those of the 
general surgery department. 

Class Person; Abstract 
Properties: 

number. INTEGER 
f_name; STRING 
name: STRING 
age: INTEGER 
address: Address 
Static constraints: 

Uniqueness; number 
Methods: 
createO 
destroy( ) 

ENDCLASS Person 
Class Address: Abstract 
Properties: 



street; STRING 
nr; INTEGER 
city STRING 
Methods: 

changeadrO 
ENDCLASS Address 
Class Patient; Concrete 
Inherits Person 
Properties: 

dateadm: DATE 
service: STRING 
Methods: 

change_ser() 
ENDCLASS Patient 
Class Employee: Concrete 



Inherits Person 
Properties: 

entrance date; DATE 
salary: INTEGER 
Methods: 
change_sal() 
ENDCLASS Employee 
Class Physician; Concrete 
Inherits Employee 
Properties: 

specialty; 

STRING 

ENDCLASSPhysician 



Fig. 2. Textual representation of SI 



Class Operation: Concrete 
Properties: 

nr INTEGER 
op_date: DATE 
responsible: Physician 
patient: Patient 
Methods: 
createO 
destroyO 
changeO 

ENDCLASS Operation 
Class Person: Abstract 
Properties: 



number: INTEGER 
f_name: STRING 
name; STRING 
age: INTEGER 
address: aggregation of 
{street: STRING, 
nr INTEGER, 
city: STRING} 
Static constraints: 

Uniqueness: number 
Methods: 
createO 
destroy( ) 



changeadrO 
ENDCLASS Person 
Class Patient: Concrete 
Inherits Person 
Properties: 

adm date: DATE 
Methods: 

changestateO 
ENDCLASS Patient 
Class Physician: Concrete 
Inherits Person 
ENDCLASS Physician 



Fig. 3. Textual representation of S2 
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The class SI. Physician represents all the clinic physicians while that of S2 represents 
only surgeons. Besides, the class SI. Patient represents all in the clinic admitted 
patients and S2. Patient represents only patients who undergo an operation. 

3 . 2 Real World Semantic 

Although an IS represents objects of the real world, with their properties and their 
behaviour, however the integration process exceeds representations to consider first 
what is represented (the semantic aspects) rather than how it is represented (the static 
aspects) [9]. For example, we want to know if the class SI. Person is the same as the 
class S2.Person even if the properties of the two classes are not identical. Thus, we say 
that two information systems have some common things, if objects of the real world 
that they represent have common elements. The determination of correspondences 
between elements of information systems is therefore based on the real world objects 
semantics. We define the real world semantics (RWS) of an object class as being the 
set of all real world objects which properties and behaviour are those represented by 
this class. Our definition of the RWS is different from that proposed by [3], [8], or [9] 
concerning database schema integration in the fact that the latter is based on the class 
extension occurrences. 

3 . 3 Attribute Comparison 

The attribute comparison is based on the comparison of class structures i.e. the class 
attribute names and their types. 

Let S be an IS and C a class of S. Each attribute a of C is defined by its name N(a) 
and its type fra). So Att(C) is the set of couples defining the C attributes. 

Att(C)={(N(a), fra)) / a is a C attribute}. 

A set of class attributes is formed by the attributes inherited from the superclasses 
and the specific class attributes. Before comparing two classes, it is therefore 
necessary to determine all their attributes. In order to formalise this, we formalise first 
the ‘is-a’ relation between classes. The formalism which we use is similar to [1 1]. 

Definition 1. The subclass relation on S, denoted by sub(S), is defined as the reflexive 
and transitive closure of : 

isa(S) = {(Cl, C2)/ Cl, C2 g S a C2 is a superclass of Cl}. 

Now we can define the set of attributes of an S class C . 

Definition 2. Let A be the set of the C specific attributes. The set Att(C) of all 
attributes of C is defined as Att(C) = A u{ (N(a), fra)) | 3C’g S: (C, C’) g isa(S) a 
(N(a), fra)) G Att(C’) a V(N(a’), t(a’))eA: a ^ a’}. 

Every class in an IS has a type which describes the its structure. Informally, the 
structure of a class is an aggregation of its attributes. 

Example. 

In our example we have: Att(Sl.Person)= {(number, INTEGER), (name, STRING), 
(f name, STRING), (age, INTEGER), (address. Address)} and Att(S2. patient)= 
{(number, INTEGER), (name, STRING), (f name, STRING), (age, INTEGER), 
(address, aggregation_of{ street: STRING, nr: INTEGER, city: STRING.)} 
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The structure of a class can be represented by an infinite labelled tree whose 
nodes are types and whose leaves are predefined types. The edges labels are attribute 
names. The relationship between two class types is then expressed in terms of 
homomorphism between trees representing their structures. From this mapping, the 
common attributes between classes are deduced. A detailed study of this formalism 
can be found in [1 1]. 

Example. The Structures of SI. Person and S2.Person will be represented by the two 
trees given by figure 4. Note that the trees are not infinite because we have no 
recursive types. 





TTJ r e s s 







Fig. 4. Structure of Sl.Person and S2.Person 

The two trees are isomorphic since there is a bijective map between their nodes 
and edges. Consequently type(Sl. Person) and type(S2. Person) are equivalent and the 
two classes have the same static structure and consequently they share the same 
attributes, n 

The attributes of a class represent its static aspect. Class methods are part of its 
dynamic aspect. If two classes share a significant number of attributes, they will 
probably share some methods which use some of the common attributes. The method 
comparison is presented in the next sub-section. 

3 . 4 Methods Comparison 

Each method m of an object class has a body b(m), a type r(m) (result provided by the 
method) and a signature sig(m) giving the name and the set of attributes. Meth(C) is 
then the set of triplets defining the methods of a class C. 

Meth(C)={(sig(m), b(m), r(m)); m is a C method.} 

The methods set of a class is formed by the methods inherited from the 
superclasses and the specific class methods. 

Methods of a class can be modelled using so called class-methods whose attributes 
represent the arguments, the body and the type of a method. (The name of the method 
is given by the name of the class). This concept is used also in Shood [4]. 

Links between the class-methods are semantic links between the different methods. 
A definition of the different types of links is given in [10]. Especially, one 
distinguishes the inheritance link which models an overload. Indeed, an inheritance 
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link between a super-class-method X and a sub-class-method indicates that the method 
Y overloads the method X. 

So, similarly to class structures defined in the previous sub-section, we can define 
structure of class-methods. Thus, comparison of methods of two classes of different 
information systems leads to attribute comparison of class-methods. The difficulty 
here resides in the comparison of method bodies. From the theoretical point of view, 
this comparison is possible. By choosing an appropriate formalism to specify method 
bodies this comparison can also be carried out automatically [11]. 

A class state graph describes the behaviour of its objects. This behaviour is 
expressed by the set of methods changing an object fi-om a state to another. Thus, if 
two classes have some common methods, it is probable that they share also some parts 
of the state graphs of each other. So, the study of the relation ship between state 
graphs is important. 

3 . 5 State Graph Comparison 

A class state graph describes the behaviour of its objects in response to an event 
occurrence. This behaviour is the same for all the class objects. Basing on this 
property, we try to translate semantic relationships between objects of two classes 
belonging to different information systems. Each link will be expressed in terms of 
relationship between the state graphs of the considered classes. This helps, given two 
state graphs, to determine the relationship existing between the corresponding classes. 
This relationship can be either an inclusion, a strict intersection, or a disjunction. 

Definition 1. Let C be a class of an IS S, and O an object of this class. Let st(C) be the 
set of states that an object O can take during its life cycle LiC(O). st(C) contains a 
particular state stateO that corresponds to the state taken by the object O before its 
creation and after its destruction. The C state graph, G(C), can be defined as follows: 
G(C)= (Evt(C), Const(C), Meth(C), st(C), state0,5, X) 
where the functions 5 and X are defined by: 

5:st(C)xEvt(C)xConst(C) -> st(C) 

5(q, e, c) = the state taken by an object of C being in the state q in response to an 
event e when the condition c is satisfied. 

X:st(C)xEvt(C)xConst(C)-> Meth(C) 

X (q, e, c) = the action activated on an object of C being in the state q in response 
to an event e when the condition c is satisfied. □ 

Example. The state graphs of SI. Patient and S2.Patient are represented in figure 5a 
and figure 5b respectively. 



(Evt3, c3)/chang_ser() 



(Evtl, cl)/ createO 



StateO 



(Evt2,c2)/destroy() 



0 



hospitalised 



Fig. 5a. State graphs of SI. Patient 
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(Evtl, cl)/create() 



stateO 



Hospitalised 



Evt2/destroy() 

(Evt2,c2)/ ^^vt4, c4)/ 

destroyO Operated change_state() 



Eig. 5b. State graphs of S2. Patient 

where Evtl : appoint patient to a service; 

Evt2: patient leaves the clinic; 

Evt3: patient changes services; 

Evt4: operate patient, 
cl, c2, c3, c4 are constraints. 

Definition 2. A path p(stateO, qn) in G(C) is a transition sequence (stateO, (eO , cO)/ 
mO, ql)(ql,(el, cl)/ ml, q2) ... (qn, (en , cn)/mn, q{n+l}), where n>0 and for all 
i, 0<i<n we have: 5(qi, ei, ci)= q{i+l}. 

P(C, qn) is the set of paths p(stateO, qn) in G(C). 

The length len(p( stateO, qn)) of a path is the number of transitions that compose it. 
The event sequence relative to p( stateO, qn) is eO el... en. 

The action sequence generated by p(stateO, qn) is mO ml... mn. □ 

Remark that the event sequence relative to a path p(stateO, qn) in G(C) represents 
a scenario of the life cycle of an object of the class C. 

In the following, we study the relationship that can exist between two state graphs. 

Definition i. Let SI and S2 be two distinct information systems, Cl and C2 be two 
classes belonging respectively to SI and S2. 

G(C1) c G(C2):<=> Evt(Cl) e Evt(C2) a st(Cl) e st(C2) a Const(Cl) e Const(C2) a 
Meth(Cl) e Meth(C2) A 51 and X\ are the restrictions of 52 and of X2 to the set 
st(Cl)xEvt(Cl)xConst(Cl) respectively, i 

If the objects behaviour of a class is the same as a part of the objects behaviour of 
another class, then the former contains the first. This fact can be demonstrated by the 
following lemma. 

Lemma 1. G(C 1) q G(C 2) => Cl c C2. □ 

Proof Suppose that G(C1) c G(C 2). Then P(C1, stateO) c P(C2, stateO). If Clct 
C2 then one could find an object O such that Oe Cl and O ^ C2. Since O e Cl 
means that there exists a path p(stateO, stateO) in P(C1, stateO) whose sequence of 
events is a scenario of LiC(O) and 0$?C2 means that no path in P(C2, stateO) 
corresponds to a scenario of LiC(O), we obtain a contradiction with our hypothesis 
because p(stateO, stateO) belongs to P(C 1 , stateO). 
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Definition 4. G(C1) n G(C2) ^ : o Evt(Cl) n Evt(C2) a st(Cl) n st(C2) (|) 

A Const(Cl) n Const(C2) a Meth(Cl) n Meth(C2) (j) a V p(stateO, stateO) 
eP(Cl, StateO), len(p(stateO, stateO))>l: p(stateO, stateO)eP(C2, stateO). n 

If the behaviour of a subset of class objects is the same as a subset of objects of 
another class, then the two classes have a non empty intersection. This fact be 
demonstrated by the following lemma. □ 

Lemma 2. G(C1) n G(C2) ?^=(|)<:^ ClnC2 9^:(|).n 

Proof G(Cl)nG(C2)9^(|)<z> Evt(C 1 )nEvt(C2)^ (|) a st(C 1 )nst(C2)^ (|) a 

Const(Cl)nConst(C2)7^ (|) a Meth(Cl) n Meth(C2)?^ (|) a V p(stateO, stateO) eP(Cl, 
StateO), len(p(stateO, stateO))>l: p(stateO, stateO)eP(C2, stateO). <=>30: the event 
sequence relative to p(stateO, stateO) is a scenario of LiC(O) a O €C1aOgC2 <=> 
Cl n C2 (j). □ 

Thus, in order to compare two classes from different information systems, we try 
first to compare their attributes and methods. Once some similarities are detected, we 
compare the state graphs. 

3 . 6 Conflicts Taxonomy 

When a correspondence describes some elements as being identical (i.e., they have the 
same representation and the same semantics ) their integration is then obvious: the 
integrated element (which will be present in the final IS) will be identical to the input 
elements. But, in most cases, the corresponding elements present some differences in 
their representations or in their semantics. This case leads to a conflict situation. We 
give hereafter a taxonomy and some examples of conflicts occurring when comparing 
two subsystems. 

• Classification conflicts: A classification conflict occurs when the corresponding 
classes describe object sets which are different but semantically linked. In our 
example Patient in SI describes patients that have been admitted in the clinic 
while Patient in S2 describes only patients who undergo operations. 

• Structural conflicts: A structural conflict occurs when the corresponding elements 
are described using different concepts belonging to different abstraction levels, for 
example a class and an attribute. In our example, there is a structural conflict 
between the SI class Address and the S2 attribute Person. address. 

Other types of conflicts can be met, namely, descriptive conflicts and dynamic 
aspects conflicts. 

3 . 7 Conflict Resolution 

Once the correspondences between systems are established, the integration can begin. 
Every correspondence is analysed in order to determine which integration rule will be 
applied to obtain the corresponding final IS elements. The major difficulty of this step 
to resolve is the emphasis on the different conflicts and the semantic problems 
detected in the comparison step and their resolution. Some merging rules must be 
therefore established . 
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As a solution for the classification conflicts we propose to include in the 
integrated IS an appropriate generalisation-specialisation hierarchy as detailed by the 
following rules. The resolution of the other conflicts requires a deep study of the 
abstraction level of the concerned elements. 

Rulel: G(C1) c G(C2) Generalise(C2)A Mask(Meth(C2) \ Meth(Cl)) a 
Mask(Att(C2)\ Att(Cl)) ASpecialise(Cl, C2) 

Rule2: G(C1) n G(C2) ^ ^ ^ Generalise(ClnC2) a Specialise(Cl \ C2, ClnC2) a 
Specialise(C2 \ Cl, ClnC2) 

where Generalise(C) is a method which creates a generalisation class C; Specialise(C, 
C’) is a method which makes from C a specialisation of class C’; and Mask is a 
function defined on the set of attributes and methods of a class and it allows the 
masking of some properties of classes [1]. By comparing both systems of our example 
we obtain following similarities and conflicts: 

• the classes SI. Person and S2. Person are equivalent because they have the same 
attributes, the same methods and the same state graphs; 

• the classes SI .Patient and S2.Patient have a not empty intersection; 

• the class S2.Physician is included in SI. Physician. 

By applying the above defined rules on our example we obtain the following 
integrated IS conceptual representation: 



Class Person: Abstract 
Properties: 
number: INTEGER 
f_name: STRING 
name: STRING 
age: INTEGER 
address: Address 
Static-constraints: 
Uniqueness: number 
Methods: 
createO 
destroy( ) 

ENDCLASS Person 

Class Address: Abstract 
Properties: 
street: STRING 
nr: INTEGER 
city: STRING 
Methods: 
changeadrO 
ENDCLASS Address 

Class Patient: Abstract 
Inherits Person 



Properties: 

dateadm: DATE 
ENDCLASS Patient 

Class Patient I: Concrete 
Inherits Patient 
Properties: 
service: STRING 
Methods: 
changeserO 
ENDCLASS PatientI 

Class Employee: Concrete 
Inherits Person 
Properties: 
entrancedate: DATE 
salary: INTEGER 
Methods: 
changesalO 

ENDCLASS Employee 

Class Physician I : Concrete 
Inherits Employee 
Properties: 

specialty: STRING 



ENDCLASS Physician 1 

Class Operation: Cone. 
Properties: 
nr: INTEGER 
opdate: DATE 
responsible: Physician2 
patient: Patient 
Methods: 
createO 
destroyO 
changeO 

ENDCLASS Operation 

Class Patient2: Concrete 
Inherits Patient 
Methods: 
change_state() 

ENDCLASS Patient2 

Class Physician2: Concrete 
Inherits Physician 1 
ENDCLASS 
Physician2 



Fig. 6. Textual representation of the integrated IS S 
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4 Conclusion 

In this paper we have given a cooperative information systems modelling method 
based on the integration of the systems conceptual representations. We have described 
only the main step of the integration process, namely the comparison step. The novelty 
of our approach is the use of state graph relationships to determine correspondences 
between classes. The theopretical approaches used to compare classes are invariant 
w.r.t. renaming of attributes or methods. 

Further research includes improvement of all the discussed theoretical aspects used to 
compare information systems elements. We are also studying the different possible 
conflicts between information systems elements and trying to extend the set of 
merging rules. 
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Abstract Data stmcturing mechanisms suited to complex problem solving 
environments have, in general, only been satisfactory for static processes. The 
challenge of complexity, for example, of process dynamics, in which human 
managers interact continuously with control systems and environmental 
changes, has focussed our research program on new paradigms in knowledge 
engineering and their associated requirements for novel data structures to 
support knowledge modeling. 



This paper reports our conclusions regarding an emergent paradigm for expert 
resource management systems and identifies the requisite data structure, which 
is based on a semantic network abstraction “system map”. Other examples of 
emergent paradigms in knowledge engineering will be found in [Gamer, 96] 



1 Introduction 

In general, the more common decision making process published in the literature [1] 
are based on the heuristics of people controlling such processes. Such processes 
have provided suitable problem solving environments for the most frequently cited 
expert systems (e.g., medical diagnosis, fault diagnosis in machines, etc). The 
heuristic in such first generation systems were computationally tractable due to their 
implementation in program form using simple notations for rules and attributes. 
Basically, the programs compare instances of data abstractions and map to possible 
solutions using hierarchically classified heuristics. However, while rule-based data 
abstractions solve simple problems of a linear nature, there are some serious 
disadvantages in extending the use of this approach; namely: 
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• To add any new heuristic to the existing classification is a somewhat 
tedious (manual) process; sometimes the whole rule pattern may have 
to be reorganized!; 

• Analysis of the abstracted data is purely sequential, which degrades the 
overall speed of solution discovery. For a growing expert system, this 
factor will be a major bottleneck; 

• Data abstraction is normally dependent upon some specific language 
rather than a conceptual (generic) form. This feature limits heuristic 
processing, due to the functional characteristics of the selected 
language; 

• Problem decomposition is difficult for dynamic environments, and 
hence, expert systems implementation for non-trivial decision making 
processes (specifically, real-time management problems) has been 
found to be difficult in practice. Refer to [10]. 

Work at Deakin on both a Knowledge-based kernel for distributed operating systems 
[4], Information Systems Models for creative processes [12] and Heuristic Map [3] 
has identified sources of new heuristics, resulting in the development of a semantic 
model for extensible heuristics, based on an object-oriented data abstraction. In 
modelling expert systems for resource management, a semantic network is expected 
to describe the structure of management control and associated attributes very 
precisely, supported by the concept-type hierarchy [8]. The concept-type hierarchy 
helps to establish and maintain a management regime with instances of managerial 
concepts and resources, and their inherited properties, acting as necessary 
parameters for scheduling operations. In other words, a complete network of 
concept instances is required to emulate a suitable data structure for resource 
management. Since the number of concept types and their instances are finite for a 
particular domain, a resource management semantic network is achievable. More 
precisely, this new data model has an object-oriented semantic network as its 
underlying data structure, emulating a hierarchical management model. The high 
level functions are configured in the form of “manager objects”, represented by the 
object-oriented nodes of this network. Each “manager object” has the ability to 
gather and maintain sufficient peripheral knowledge to carry out its own resource 
management functions. This new model is called SYSTEM MAP as it represents 
the total system capabilities. SYSTEM MAP is itself an object that takes 
responsibility for the overall system performance. 

In all combinatorial problems (i.e. in most resource management) the convergence 
of an expected solution can be realized when heuristics are applied from higher level 
objects to lower level objects. When a lower level object cannot find a solution, it 
can interact with its immediate higher level object to resolve conflict. This paper 
explains how this abstract data structure (i.e. SYSTEM MAP) may be used to derive 
a generic model called HEURISTIC MAP, in which meta-level heuristics, with 
cooperative feedback between levels can be applied to resolve combinatorial 
scheduling conflicts. 




91 



Further investigation of this heuristic abstraction has resulted in the development of 
a novel data structure that accommodates both hierarchical and peer-coupled 
heuristic classification. Basically, this paradigm accommodates both data 
abstraction and heuristic processing. It also implicitly represents conceptual graph 
structures [9]. The meaning of management control and types of control 
architectures are now described. 

2. Management Models 

2.1 Meaning of Management Control 

A vital function of any management system is to maintain optimum control over the 
underlying resources in order to achieve a set of goals. In general, such resource 
management kernels are complicated and require a set of knowledge-based elements 
such as planning, scheduling and monitoring which are understood as essential 
features of any decision making process. These knowledge elements are basically of 
either an empirical or heuristic nature, thereby supporting traditional human 
experience in making decisions, in refining and storing knowledge, and in exercising 
their knowledge modeling skills. 

Complexity of a decision making process depends upon the goals and the diversity 
of resource types involved in achieving these goals. Limited resources usually relate 
to simple goals and a single manager. Single (human) managers can handle such 
resource management with the required efficiency. On the other hand, corporate 
management within industries, government organizations, defence establishments, 
etc, usually have multiple goals, and hence have to manage vast resources of various 
types. Other related issues in complex resource management include: 

• decision making in real-time, 

• reliability of the desired control function, 

• dynamic growth (extensibility) 

Real-time decision making processes in particular, require not only the accumulation 
of sufficient knowledge relevant to a goal, but also a knowledge modeling process 
that allows the application of such knowledge in real-time. Secondly, the reliability 
of control functions depends upon proven methods in the application of knowledge. 
Meta knowledge, thus, becomes an essential component of the whole knowledge 
base. Thirdly, fault tolerance needs additonal heuristics to bring the system back to 
a normal state. Finally, dynamic growth depends upon a management control 
structure. It is essential to select a suitable control structure that allows the 
management process to expand dynamically without limitation. 
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2.2 Types of Control Architectures 

There are several factors involved with the resource management process in 
adapting a suitable management structure. Such factors include the amount of 
resources, diversity of resources, diversity of goals, cost effectiveness, etc. In 
general, control in resource management systems requires one of the following 
strategies: 

• Autocratic control 

• Sequential control 

• Partitioned control 

• Co operative autonomous control 

• Hierarchical control 

A discourse on such control strategies is provided elsewhere [4] . 



2.3 Knowledge Distribution in Management Models 

The centralized characteristic of decision making processes is exemplified by such 
strategies as ‘Autocratic’, and ‘Autonomous but Sequential’ . Unless meta- 
knowledge is used to manage the knowledge base, a possibility of computational 
explosion exists. Reasoning in knowledge-based systems (including human 
managers) is defined as a process of accumulating information by inference until the 
solution to a given problem is identified. During reasoning, knowledge is usually 
processed in sequential mode, and exploring a large knowledge base for decision 
making will typically slow the overall performance. Moreover the centralized 
nature of most knowledge bases leaves little scope for interaction, and hence there is 
no way to justify the correctness of decisions made by computer. Finally, the 
knowledge engineering process is, overall, very cumbersome, due to the 
maintenance of a large centralized database. 

In the case of partitioned control, domain knowledge exists at one level, but is 
partitioned according to specialization. The management is performed in a typical 
multitasking manner. That is, knowledge processing may be classified depending 
upon either resource types or functions and can be performed concurrently. This 
effectively improves the speed of the overall management process. This scheme is 
much faster than the centralized case. However, the reliability of the knowledge 
source is still poor. The reliability can, however, be improved by distributing 
knowledge sources to each partition. But there is a major disadvantage to this 
scheme: that is, the knowledge interaction is minimal due to the high degree of 
specialization of the partitioned knowledge source. Feedback is, thereby, 
constrained, resulting in less opportunity for management improvement of 
performance. This scheme basically uses the combinatorial nature of management 




93 



analysis in achieving the solution. A major problem in this method is to synchronize 
the actions of the various knowledge sources in completing each management task 
required by the process. This scheme may be more suitable for production-oriented 
resource management, which usually requires less knowledge, as well minimal 
knowledge interaction using pipeline style processing. 

In the case of the hierarchical model, the knowledge is abstracted vertically and 
distributed horizontally. The rationale behind the partitioning of the knowledge is to 
provide meta-knowledge with more heuristics at higher levels for resolving 
conflicts, and in turn, achieving goals such as performance tuning, load balancing, 
fault tolerance, etc, thereby leaving the highly specialized knowledge at the lower 
levels for production maintenance. Basically a heuristic can be used to build an 
inference engine at one level to control the actions of its lower level. Although 
heuristic knowledge is essential at every level, its distribution varies throughout the 
levels. That is, fewer heuristics at the lower level and most heuristics at the highest 
level. The variation of heuristics through out the levels should be linear for 
achieving well-tuned hierarchical management. 

This strategy also embraces the requirement for distribution of heuristics within the 
partitioning of each vertical level, thereby improving the reliability and availability 
of the knowledge sources. Knowledge interaction exists both at peer level and at 
different levels. Vertical abstraction provides a basis to partition the knowledge at 
decision making level or provides a mechanism called meta-level reasoning, by 
which decision making can be hierarchically planned to solve even complex 
problems. 



3 DYNAMIC DATA MODEL 

3.1 Scope of Semantic Network in Resource Management 

Semantic networks can be used to represent declarative knowledge expressed in 
graphical form, and they enable us to record information about observed real world 
objects. This concept was first introduced in Quillian’s work [7] on natural 
language understanding. The basic idea is that the message content can be 
considered as autonomous at the conceptual level. Conceptual graphs derived from 
a discourse permit subsequent analysis of future dialog on related concepts. Though 
the initial work focused on developing a semantic network for machine 
understanding of natural language, many other expert systems adopted this semantic 
net mechanism as their domain knowledge representation scheme [6], [2]. The 
functional requirements of resource management systems represent a typical case 
where an object-oriented abstraction would considerably simplify the task of 
designing and maintaining these systems. The resource management in a distributed 
environment requires careful resource allocation for tuning the systems 
performance. Moreover, as growth occurs distributed resource management has to 
accommodate new resources dynamically. The resource management load tends to 
increase. This implies that the supervisory role in such systems becomes a major 
concern, and hence dynamic control management is necessary in addition to the 
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lower level functions, which are more akin to process control. The complexity 
results from the various data structures necessary for the supervisory and resource 
management functions that are involved in supporting user processes and their 
needs. While many languages provide static data structures suitable for a 
uniprocessor operating system, it is very difficult to realize the diversified, 
functional environment of a distributed resource management system in practice. 

Our new data model has an object-oriented semantic network as its underlying data 
structure emulating an hierarchical management model, and is termed a “SYSTEM 
MAP” (refer to Figure 1). 



3.2 SYSTEM MAP STRUCTURE 

In application domains such as resource management, the conceptual elements of the 
network are expected to emulate real-world entitles. The dynamic nature requires 
each concept ‘s instance to be associated with the necessary operational procedures 
to act on the surrounding structural and factual information. Each element of the net 
behaves like an ACTOR, or more generally, as an element of the abstract data 
structure, due to the distribution of knowledge. Hence, a semantic network of this 
type is a collection of these objects (or elemental abstract data structures) that are 
interconnected structurally and work in a coherent manner to maintain and exercise 
domain knowledge. The organization of the knowledge-base presents a view of an 
abstract mechanism that hides the information within the nodes or objects. 
Moreover, the hierarchical nature of the semantic network structure is ideally suited 
to the emulation of an application domain of the hierarchical type. 

A domain graph is supported by two types of dictionaries, namely the object 
dictionary and the relation dictionary. The object dictionary is used to keep track of 
objects in the graph, to identify their types, to locate the object templates and to store 
the objects access modes. The global relation dictionary keeps the location of the 
relations in the whole domain graph. Each subdomain is accompanied by a domain 
dictionary for its objects (or concepts). The root object of each subdomain 
represents the domain object itself. Type hierarchy information is part of the data 
structure. The role hierarchy can maintain the manager hierarchy for resource 
management. The concept type hierarchy and accompanying templates may be used 
to construct the semantic network data structure. 

Since a modular approach improves both design and processing efficiency, our 
domain graph has been structured into subdomains. Each subdomain has its own 
object dictionary. The graph maintenance functions may be incorporated in the root 
domain object of the network called SYSTEM to provide a user interface. 
Operations for a domain-based network include: 
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7. make template (or make concept type) 
3. change domain. 

5. copy assertion. 

7. join assertion. 

9. check assertion. 

11. show concept. 

13. move concept. 

15 list domain dictionary. 

17. check access rights of concept 



2. make domain concept. 

4. make assertion. 

6. restrict assertion. 

8. simplify graph. 

10 delete concept (or assertion). 

12. Activate and deactivate concepts 
14. locate domain. 

16. list relation dictionary. 



4 EXPERT SYSTEMS MODEL FOR DISTRIBUTED MANAGEMENT 
SYSTEMS 

4.1 Representation of Criteria for Decision Making 

Examples of the domain specific concepts of a management system are manager 
entities themselves, their characteristic, their relationship with other manager 
entities, tasks associated with each manager entity, etc. 

The systems should also be capable of representing the criteria for making decisions 
based on the domain knowledge. To carry out the actual process of intelligent 
managerial support, meta-level knowledge about the execution-mechanism needs to 
be represented in the system. The knowledge processing capability is supported in 
each abstract object by an additional data structure called the skill-base environment. 
This data structure provides a mechanism to support the goal specification, the 
procedures for reasoning and inferring, and an event mechanism to activate the 
object. SYSTEM MAP may be visualized as an object-oriented semantic network 
that maintains the distributed control structure to support the domain knowledge of 
resource management system. The system derives its intelligence and effectiveness 
from this knowledge, which in turn must be maintainable with ease. 

The skill base component of the knowledge base is fully distributed among the 
manager objects and consists of a rule file and an associated inference engine. The 
rule files consist of rules in declarative form, and represents the heuristic knowledge 
of an object. The knowledge-base editor component helps a knowledge engineer to 
add/modify the rules or to add/remove manager objects, etc. Figure 2 shows a 
control model of our expert system used in hierarchical management systems. 

4.2 Heuristic Map 

The systems knowledge base has three distinct components: 

(i) knowledge dictionary/database 

(ii) skill (actors) of the knowledge-base; and 

(iii) knowledge-base editor/interpreter. 
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The database component of the knowledge-base maintains, basically, two types of 
information as follows: 

(a) structural details of the system objects; and 

(b) factual data showing the status of the objects environment. 

The skill-base for resource management uses heuristics at every level to support 
inference. As an instance, an abstract manager object could accumulate new 
knowledge through inference, and then apply that new knowledge to adjust the 
system performance. Each higher level object applies its own heuristics to the 
partial solution provided by the heuristics of lower level objects. The invocation of 
heuristics can occur both in a bottom up flow or top down, depending on the level of 
control to be exercised, as shown in the heuristic map (Figure 3). At the top level a 
manager object maintains its heuristic knowledge stored as rules. Similarly, the 
objects at lower levels maintain their own heuristics in their respective rule files, 
which are then processed by inference mechanisms provided within the objects. 




Figure 2: Expert System Model for Distributed Management Systems 

In all combinatorial problems (i.e. most resource management problems) the 
convergence of an expected solution can be realized when heuristics are applied 
from higher level objects to lower level objects. When a lower level object cannot 
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find a solution, it can interact with its immediate higher level object to resolve 
conflicts. This method of heuristic classification has already been demonstrated 
using an object-oriented semantic network in modeling a kernel of a distributed 
system [4]. 




Figure 3: Heuristic Map 



5 WATER RESOURCE MANAGEMENT 

The HEURISTIC MAP in Figure 4 depicts a water resource management 
application, a prototype developed in collaboration with the Geelong Water Board 
(Australia). It is designed to capture the four requisite knowledge types: 

• Domain Knowledge 

• Structural Knowledge 

• Strategic Knowledge (e.g. Actors) 

• Meta-knowledge 
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Figure 4: Heuristic Map of Water Resource Management 
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The goals and heuristics used in the prototypical Water Management System are 
shown in Table 1. 

Table 1: Goals and Heuristic in the Prototype Water Management System 



Manager 

Name 


Goal 


Heuristic 


Manager 


Reliable and efficient 
water 

distribution. 


Providing more resources and 
Applying high-level scheduling 
with 

the help of global knowledge 


Supervisor 


Optimum resource 
distribution 


Resource scheduling and control 
depending upon the season and 
demand 


Basin 

Keeper 


Uninterrupted water 
supply and 

maintaining a standard 
quality' 


maintaining certain emergency 
procedures including 
maintain ing commun ication 
with supervisors 



In the management hierarchy the manager, the supervisor and the basin keeper are 
primarily decision making objects. Each object has a set of heuristics appropriate to 
the type of decision making. The manager is the highest level object in the 
management hierarchy and it has the task of looking after several supervisors. The 
manager object maintains necessary meta-knowledge required for abstract level 
control and applies one or more from a set of accumulated heuristics when consulted 
by supervisors. 

The supervisor subclass is the second level object in the management hierarchy, and 
it has the task of managing and guiding the basin keepers. The supervisors consult 
their manager if a higher level decision is required. It has a set of heuristics to 
produce decisions when confronted by basin keepers regarding day-to-day running 
of the water basin. The keeper subclass is the third level object in the management 
hierarchy. It has the task of carrying out the plant maintenance and water treatment. 
The keeper has a set of heuristics to make decisions about day-to-day problems 
occurring at the basin or when the keepers should consult the supervisors for a 
higher level decision. 
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Abstract. The objective of this paper is to discuss some aspects of large scale 
knowledge bases, especially the ways of building knowledge bases from the 
view point of using knowledge bases for solving real problems and for assuring 
knowledge based systems generality. A new modeling scheme for representing 
problems including strategic decision is discussed as well as a way of 
generating problem specific problem solving systems. Many multi-level 
concepts such as a multi-level function structure and its corresponding 
knowledge structure, multiple meta-level operations, a multi-strata model to 
represent problems including human activity, etc. It is shown that the system 
realizes not only the generality but also practicality of problem solving by 
enabling automatic programming. 



1. Introduction 

The largest difference between persons and computers in problem solving is 
autonomy and generality to include the wide range of activities in the actual scope. 
Here the term problem solving is used in a very wide sense to mean every activity to 
derive answer meeting given conditions in a given environment. Generality requires a 
system to process the wide class of problems. Large Knowledge Bases are 
indispensable for actual intelligent systems from the viewpoint of generality. The 
objective of this paper is to discuss some issues on large scale knowledge bases and as 
well the way of building and using them. The approach taken in this paper is to 
introduce a new multi-level concept so as to enable the system to make decisions 
dynamically on the way of problem solving [1]. In a sense it is to include many virtual 
persons in the system [2]. In this paper, various concepts and methods to meet the 
conditions presented are discussed in Chapter 2. The outline of the concrete 
representation of knowledge to realize these concepts and methods are in Chapter 3. 
The condition of large scale knowledge base is discussed in Chapter 4. Chapter 5 is 
the conclusion. 
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2. A way of making knowledge based systems general 

The condition of a problem solving system being general is that it should be able to 
deal with different problems in the same system [3]. There are various types of 
problems such as analysis, design, control, decision making, diagnosis, planning, 
scheduling, teaching and so on. Most of them are not well dealt with by conventional 
software method but require the system a capability to find a solution itself in a large 
space. Since the space is open, self-controlled exploration in the space is necessary. 
The system must be provided with the various methods to solve the different type of 
problems, each of which is represented by a specific knowledge chunk. Furthermore, 
a complex problem concerns different problem domains and since a problem requires 
domain specific knowledge, the system must be provided with a global knowledge 
base including the various domain knowledge. 

In order to use knowledge effectively, the system must be able to extract only the 
necessary knowledge from the knowledge base referring to the type and the domain of 
the problem to be solved. For this purpose knowledge must be well structured. 



2.1. Exploratory problem solving 

People use a general method of problem solving known as the scientific method 
today. In this method a problem is represented explicitly, is analyzed and evaluated 
whether it satisfies the given requirements, and if not, it is modified. This 
analysis/modification process is repeated until the goal is reached. Representing this 
method explicitly and giving it to computer systems is necessary for achieving the 
goal mentioned above. Knowledge is used for promoting this process. A hierarchical 
object model representation is necessary. 



2.2. Meta-operation for defining and controlling problem solving 

The search space to be explored is, in the usual case, vast and unforeseen. In the 
repetitive problem solving scheme of Figure 1, only a small portion of the 
neighborhood of the current model in the solution space is explored. Guiding the 
selection of the next model as a candidate is important. Concretely, this is to select a 
proper model modification operation at object-level. This is a meta-level operation. 
The selected knowledge being applied to an object model changes the state of the 
model. In order to give the system a capability of adapting to the changing 
environment and also the freedom of adding, deleting or changing knowledge, the 
meta-level operation should also be knowledge-based. Thus the concept of meta-level 
knowledge strongly concerns the design of knowledge representation language. 
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Figure 1: Exploratory problem solving 



3. Internal representation of basic concepts 



3.1. Multi-strata model as problem model 

Building only an object model however is not adequate for representing one’s idea 
and does not initiate any problem solving. A problem arises when some subject has an 
intention to do something with an object. Every object has many aspects, but only 
some of them which the subject has interest in and intends to deal with defines the 
subject’s own problem and are included in the model. Different object models may be 
created depending on personal interests even if the object is the same [4]. A multi- 
strata modeling scheme to include human intention is necessary as shown in Figure 2. 

In this modeling scheme, a base stratum arises from some lowest stratum object 
01. This is the basic object model. In the next stratum this problem solving itself is an 
object 02 and another subject S2 solves the problem created in relation with the 
object. The requirement given to SI defines the task the person should do. The upper 
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Stratum requirement includes very often the lower stratum one. In order to represent 
it, meta-level representation scheme is necessary. 




Figure 2: Multi-strata modeling 



3.2. Knowledge representation language 

A language for representing the concepts discussed so far is necessary. Such a 
language has been developed with its processor by author’s group and named Multi- 
Layer Logic (MLL) [5]. This language is an extension of first order logic. The main 
extensions are 

1. Introduction of data structure and a method of manipulating it. 

2. High order predicate under certain restrictions. 

3. Open architecture to accept any procedurally defined predicate. 

4. Their combination. 

The basic form to represent knowledge is 
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{Q^xlX%^ylY)-{Q^zlZ\R{x,y,-,z):- 
P,{x, y, -,z)*P 2 {x, y,- -,z)* - *P„{x, y,---,z)\ 

in which Qj^etc. denotes either the universal quantifier (v) or the existential 
quantifier (3), xl X etc. means x in a set X, * denotes a logical connector, i.e., 
either conjunction or disjunction. This expression is read as “for all/some x in X, 
all/some y in Y, . . . , all/some z in Z, if the relation and/or P 2 and/or, . . . , 

P^ hold, then R ” . The prefix is often abbreviated for the sake of simplicity in the 
followings. An evaluation of predicate is a mapping from a set of variables 
(x, y, • • • , z) to either true or false (T,F). This mapping can be performed either by 
matching with the existing predicate or by a procedure. A predicate to which a 
procedure for evaluation is provided is named a Procedural Type Predicate (PTP). 
The others are Normal Type Predicate (NTP). When a PTP is to be evaluated the 
corresponding procedure is evoked and executed. 

Using MLL as a knowledge representation language a knowledge based system 
named KAUS (Knowledge Acquisition and Utilization System) has been developed 
by the author’s group and used for many problem [6]. The system is designed to 
accept any Procedural Type Predicate as a pair of predicate and its evaluation 
procedure. 

Some simplified expression is used in the following. Every term can be a 
universally quantified variable in a rule with a prefix. In this case it must be in the 

head. The prefix (Vx/X) for the variable x in the head however is abbreviated 
except when it is necessary to represent a special meaning. In this case the variable is 
denoted by the character string starting with an upper-case character showing its 
domain name. The character string starting from the lower-case letter shows a 
constant. But if some terms are used to define a local concept, that is, closed within 
the single formula, these are not necessary to be included in the head but can appear 
only in the body. Thus, an expression as the following appears. 

predicate{X ^ , • • • , ) : - 

(Qy/Y )predicate'{Xi ,---,X^,y\---, predicate" (X, , • • • , ) 

It is of course possible to translate this expression into the standard form in which 
every quantifier is put in the prefix. But the above expression is used in the following 
because of its comprehensiveness. Even the prefix in the body is often abbreviated 
unless it is to be noted for representing a special concept. In the following a predicate 
starting with # denotes a PTP. As well, the expressions A : —5, A : —C can be 
merged to a predicate A : —B + C where + denotes the disjunction. 
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3.3. System generation based on multi-strata model 

Each specific problem requires its own problem solving method represented by a 
problem oriented structure of functions. Let it be called a problem-specific function 
structure. Because of its problem dependency, the key information to generate this 
structure must be included in the problem representation in the form of multi-strata 
model. 

The requirements are distributed in this problem model. These are processed from 
the highest stratum in order to create the problem-specific function structure. For this 
purpose a special operation to identify and retrieve the necessary knowledge chunks is 
performed in the system. For example, let a requirement ''automate the activity of 
subjectr be given to a highest level subject in the multi-strata model. Let its internal 
form be "automate Activity (subject2, subject 1, system)'' where "subject!", " subject 1", 
and "system" denote respectively the subject to which this requirement is given, the 
subject of which the activity is to be automated, and problem specific system to be 
generated in order to replace the designated subject ("subjectl") for the purpose of 
automating the task. The objective is to retrieve necessary knowledge chunks to 
define the problem specific system from a knowledge base and to replace the lower 
stratum subject. Knowledge must be well structured to facilitate these operations. 

Special high-level knowledge is provided for performing this retrieval operation. If 
the requirement to the "subjectl" is a design problem, a set of functional requirements 
are given and the "subjectl" is asked to find such an object model structure that 
satisfies these requirements. When the requirement is given, the model is not made 
but a node to represent the model is created and the requirements are given to the 
node. The model structure is made starting from this node. In this case the 
requirement for "subjectl" is satisfied by generating a system which can do every 
operation required by "subjectl" to solve the given problem. As has already been 
discussed, it needs a general scheme of problem solving as shown in Figure 1. 
Therefore retrieving a knowledge structure to represent this scheme can satisfy the 
requirement given to "subjectl". The following rule can be used to achieve this 
operation. 



automateActivity (Sub ject2, Subjectl, System) : - 
#getSub jectRequirement (Sub jectl, Requirement!) , *1 

generateSystem (Requirement!, System) , *2 

evokeSubject (Sub ject!, System) . *3 

This is a general rule. Let, in above case, "subjectl " and "subjectl " be substituted 
by S2 and SI respectively. This rule says that a system which replaces the lower 
stratum subject is obtained by, knowing the lower stratum subject (*1), knowing the 
requirement given to it (*2), and generating a system to satisfy the requirement (*3). 
The operations (*2) and (*3) are defined by still the other rules. After the 
Requirement! is substituted by the requirement to SI in the multi-strata model, the 
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predicate '‘generateSystem!' is evaluated. In the above example, 
''exploration(subjectl, model, domainr is the requirement given to the lower stratum 
subject and is substituted into “ Requirement^. Since the knowledge to be used for 
solving a problem may be different by the requirement substituted into 
''Requirementr\ problem types and problem domain, it is assumed that the different 
knowledge chunk is provided for every case. It is also assumed that the name of the 
problem domain is included in the requirement. Finally the lower stratum subject SI 
is evoked for operation. This predicate is to start a problem solving for the 
requirement given to the designated subject using the system assigned thereto (*3). 
The predicates ''generateSystem'' and ''evokeSubjecf include in the above rule is 
expanded further bye the following rule. 



generateSystem (exploration (Sub jectl, Model, Domain) , Syste 



m) 

#getOb jectRequirement (Model, Requirement' ) , *1 
problemType (Requirement' , Type) *2 
tmakeRetrieveKey (Sub jectl, Model, Domain, Key, KC) , *3 
retrieveKnowledge (Sub jectl, Domain, Key, KC) , *4 
makeSystem (System, KC) . *5 



There are the different rules for '‘generateSystem'' by the requirements included 
therein. This is the one in which the requirement to "subjectl" is “solve a problem”. 
KC is an abbreviation of knowledge chunk. "Subjectl" and "ModeP' are substituted 
again by SI and 01 respectively. The type of problem must be identified from the 
representation of the requirement on "objectl". If it is represented in the form of 
"functionality(object, value)", there are three different types depending on which of 
object, value and functionality is unknown. In the case of the object being unknown 
this is a synthetic type problem like a design problem. First the object level 
requirement is obtained (*1). The problem type is obtained by the predicate (*2). 
Then the necessary knowledge chunks are retrieved by (*3,*4). Different rules are 
retrieved for the different problem types and domains. A problem specific problem 
solving system can be generated including these knowledge chunk (*5). 

The requirement to SI may be given more specifically such as design, diagnosis, 
control, programming etc. then the problem type is included explicitly in the 
requirement. The rules for "generateSystem" are prepared for them. Then the problem 
type is obtained straight. 

evokeSubject (Sub ject, System) 

#getSub jectRequirement (Sub ject, Requirement! ) , *1 



getSolution (Requirement!, System) . 



*2 
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Problem solving to satisfy the Requirement! is executed using the System (*2). 
The knowledge chunks can be retrieved by the following rule. 



retrieveKnowledge (Sub jectl, Domain, Key, KC) : - 
#getTaskKnowledge (Key, TaskKnowledge) , 

#getDomainKnowledge (Domain, DomainKnowledge) , *2 

♦includeKnowledge (KC, TaskKnowledge, DomainKnowledge) . *3 

The first predicate (*1) takes out the knowledge to define a specified task from the 
global knowledge base. The information on the knowledge chunk is in Key. Since the 
scheme of performing tasks is common to many domains, this task knowledge 
includes knowledge chunks that relate to different domains. The second predicate (*2) 
selects as well the domain knowledge chunk. Finally, these knowledge chunks are 
integrated to form the knowledge chunks as required for the given domain. 

It would be shown that by providing this kind of rules concerning the multi-strata 
model, the problem-specific problem-solving systems could be generated. 



4. Condition for large knowledge bases 

The knowledge base discussed above must be large enough to cover wide application 
areas. Naturally it is very large and is difficult to be held and maintained by a few 
users but must be opened because a large part of the knowledge is common to many 
people. There arises the need for a large common accessible knowledge base. Since 
these intelligent systems require the properly structured knowledge to achieve the 
goal of solving complex problems, the Large Knowledge Bases (LKB for short) must 
be designed to meet this condition. 

The key for accessing the knowledge chunk must be created in each intelligent 
terminal system in which the problem solving discussed before is performed. Every 
intelligent terminal system keeps a directory of knowledge chunks in LKB. If some 
knowledge becomes necessary in solving some problem but lacked in intelligent 
system, a key is created and the request is issued to LKB. The intelligent terminal 
system must have its own knowledge base and the retrieved knowledge is added to it. 
The intelligent terminal system must also maintain this directory file up-to-date 
following to the notice from LKB. In other words, LKB must distribute the 
information to represent the current state of the knowledge base to all intelligent 
terminal systems. This is the requirement for the intelligent terminal system to access 
to LKB. 

On the other hand, the requirement for LKB must be cleared. It is expected that 
there can be a lot of accesses to LKB when the use of intelligent systems becomes 
every day affairs. Then LKB must be provided with a very efficient method of 
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retrieving knowledge. It cannot be the retrieval by pattern matching because it is too 
slow but must be retrieval by index as is used in the ordinary information retrieval. 
The difference is that the knowledge chunks are complexly structured according to 
the relations between intelligent functions. The relations between them such that some 
knowledge chunks is retrieved via the other knowledge chunks. The characteristics of 
LKB are as follows. A management system must be designed to meet these 
conditions. 

1. It accepts the request from the intelligent terminals, retrieves the required 
knowledge chunks and sends them back efficiently. 

2. It maintains the knowledge base up-to-date by accepting new knowledge or 
replacing the old knowledge with the new and the more smart knowledge. 

3. It tries to discover knowledge from the collection of data in cooperation with 
databases. 

4. It controls the traffic of information around LKB 

5. It preserves the security of the information and the system. 

6. It assures the fine control of authorization of users. 

What information can be used as the key? The key is an information to describe 
characteristics of knowledge. Hence this corresponds to meta-knowledge in intelligent 
system. When a chunk or a world of knowledge is created in an intelligent system, 
some meta-knowledge characterizing this world must be given. As has been 
discussed, meta-knowledge is not dependent on each specific problem but on problem 
domain. That is, the structure of classifying the knowledge is common to a problem 
domain. This structure must be used also as the schema of LKB. If an intelligent 
system finds that some knowledge in a chunk is lacked, it uses the higher level 
knowledge characterizing the chunk as a ken for retrieving. Thus, even if inference is 
not used for retrieving information, it may be necessary for maintaining the system. 
Moreover if LKB is to have the capability above, e.g. discovering knowledge in data, 
the level of its intelligence must be high enough. Since, however, the objective and 
role of LKB is different from intelligent terminal systems. A different approach in 
design is necessary. 



5. Conclusion 

The problems, which arise in the future in many areas of social activities, are 
expected to glow very large and complex. They are already coming to and soon 
exceed the limit of human capability. In fact human capability is limited in many 
aspects such as, the limit for dealing with the large scale problem, the limit for 
adapting the required speed in doing things, the limit of controlling the error, the limit 
of understanding the meaning of what is happening, the limit of understanding the 
trans-disciplinary problems etc. Thus conventional human centered style of problem 
solving cannot be held anymore but some alternative method as a break-through, at 
least a strong supporting method, is needed. Such computers are not based on the 
conventional technology, but the more intelligent systems become necessary. The 
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minimum requirements for the computers are autonomy, generality, and practicality 
[7]. In this paper generality is mainly discussed. Some parts discussed in this paper 
have already been tested. These attempts were to prove the validity of the way of 
approaching the goal. The author’s group is coming to the final stage of achieving the 
goal of this paper as the research work. 
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Abstract. To build a knowledge base for an intelligent help system, as Aran, is 
an essential and difficult phase. In Aran, a knowledge based assistant to help 
users in the use of UNIX systems, we integrate the traditional manual approach 
of conceptual information structuring with a complementary one based on 
Formal Concept Analysis (FCA). FCA allow us to obtain the domain formal 
concepts (semi) automatically and to organise the information around them. 



1 Introduction 

As the complexity of software applications increases and computers are being used by 
all kind of individuals, the provision of on line help in complex software applications 
is becoming crucial. Knowledge-based assistants (also known as Intelligent Help 
Systems IHS) have been proposed as a way to improve the usability of complex soft- 
ware applications [12,14]. We consider that IHS can integrate smoothly the learning 
and working processes providing benefits such as a potential increase in users’ moti- 
vation [2]. Nevertheless^ at present, the cost required to build such systems keeps 
them mostly in the research domain and out of the practical realm [4] . The organisa- 
tion and structuring of domain information is a major task when producing IHS. Usu- 
ally these systems are built around a knowledge base or conceptual network that rep- 
resents key concepts of the application domain (according to domain knowledge 
experts) [1]. 

In this paper, we present a new approach to the automatic structuring of information 
that simplifies IHS construction when dealing with complex domains. The comple- 
mentary approach that we propose is based on Formal Concept Analysis (FCA) the- 
ory. FCA theory can provide the basis for educational tools that use a conceptual 
network as a learning tool or as a navigational support (e.g. giving access to a rich 
multimedia documentation), or even as a method for designing educational applica- 
tions. FCA has been applied successfully in many data analysis applications and it is 
especially well suited when it is necessary to deal with a big number of entities (or 
objects) that can be described using a rich set of properties (or attributes). Using FCA 
we can automatically classify and structure all the information around the “formal 




113 



concepts” of the domain (also called conceptual classes or categories), which are 
natural pairs of objects and attributes sets. The FCA approach has been used in the 
construction of a help tool for the UNIX operating system called Aran. In Aran we 
integrate as complementary both approaches, the FCA and the more traditional ap- 
proach based on a static, hand coded, conceptual network used to organise and to 
structure all the available domain information. 

The rest of the paper is organised in the following way. First, we present the basics 
of the formal concept analysis theory. Then we give an overview of the integration of 
technologies in Aran, and details on how information is indexed using both methods. 
Also, we introduce briefly FCA as a tool to assist in the domain analysis. Finally, we 
present the conclusions of our work. 



2 Formal Concept Analysis 

Formal Concept Analysis (FCA) is a relatively new approach to the mathematics 
normalisation and representation of conceptual knowledge [13]. It is a theory of con- 
cept formation derived from lattice and ordered set theory that provides a theoretical 
model for the analysis of conceptual hierarchies. From the Computer Science point of 
view, it is an automatic technique for information structuring and classification that 
permits the construction of applications for data and domain analysis. 



2.1 Contexts and Concepts 

The key idea in FCA is the notion of formal concept around which the data will be 
structured. Formal concepts are formal abstractions of concepts of human thought 
that allow a meaningful and comprehensible interpretation of the data. In FCA a con- 
cept is determined by its intention (comprehension) and its extension. The extension 
covers the objects belonging to the concept, e.g. the computers in a department. The 
intention comprises the attributes shared by all the objects under consideration, e.g. 
all the Macintosh in the department are multimedia, they all are computers, they all 
have network connections, and so on. With respect to a specific concept, if an object 
belongs to the concept and an attribute is valid for the eoncept, then the object “has” 
that attribute. The extension and intention of concepts are connected through the 
“has” relationship between objects and attributes, and clearly are reciprocally de- 
pendent. 

Because a concept can have many instances, and the set of all instances an almost 
limitless set of shared attributes (properties) it is customary to work with a specific 
context in which both the set of objects and attributes are fixed. The mathematical 
model of the relation between objects and attributes is called the formal context. So, a 
formal context K is a triple (G,M,I) consisting of two sets G and M and a binary rela- 
tion I between G and M; the elements g of G are called objects, and the elements m of 
M are the attributes that objects might have, and gim asserts that “object g has the 
attribute m” (or equivalently “the attribute m applies to the object g”). If we are con- 
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sidering the four computers in a small department according to the operating systems, 
multimedia and network capabilities we have G={C1, C2, C3, C4}, M={pc, mac, 
multimedia (mm), network (nt)}, I = {Cllpc, Climm, Clint, C2Imac, C2Imm, 
C3Imac, C3Imm, C3Int, C4Ipc, C4Int} that we represent in a tabular way: 





pc 


mac 


mm 


nt 


Cl 


X 




X 


X 


C2 




X 


X 




C3 




X 


X 


X 


C4 


X 






X 



Table 1. Characteristics of the four computers 

Let A be a subset of the object set G -i.e. A consists only of objects and all these 
objects belong to G-, then A’ denotes the set of all attributes from the attribute set M, 
common to all the objects belonging to A (e.g. if A = {Cl, C4}, A’ = (pc, nt}). Con- 
versely, for a subset B of the attribute set M, B’ denotes the set of all objects from G, 
to which each attribute from B applies to, i.e.: 

A’ = (mG MI(VgG A)glm} (1) 

B’ = { g G G I (V m G B) gim } 

Then the pair (A,B) formed from these two sets is called a formal concept of the 
context K, if and only if A’=B and B’=A are true - if B consists of precisely those 
attributes from M which apply to all objects from A, and if equivalently A consists of 
precisely those objects from G which have all the attributes from B, i.e., if A = (Cl, 
C2, C3), A’ = {mm} and ( {Cl, C2, C3}, {mm} ) is a concept (conversely if B = 
{mm}, B’ = {Cl, C2, C3} and (B’, B) is the same concept). 



2.2 Generalisation-Specialisation Relation 

The concepts of a given context are naturally ordered by the generalisation- 
specialisation relation (subconcept-superconcept) producing a hierarchy for the con- 
text K. At the top will be the more general concepts that have a smaller intention and 
larger extension than any of the more specialised concepts below. Formally, if (Al, 
Bl) and (A2, B2) are concepts of the context K, then (Al, Bl) is a subconcept of (A2, 
B2) if (and only if), Al is a subset of A2 (or equivalently, B2 is a subset of Bl), i.e.: 

(Al, Bl) < (A2,B2) o Al cA2 (o B2 c Bl) (2) 

In the previous example the concept ({Cl}, {mm, pc, nt}) is a subconcept of ({Cl, 
C2, C3}, {mm}), because the computer Cl is a multimedia pc with network capabili- 
ties, that is, we can state more things about the computer Cl than about the group of 
computers {Cl, C2, C3} (we say that the first concept is more specific than the sec- 
ond). 
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2.3 Fundamental Theorem 

Formal Concept Fundamental Theorem states (among other things) that formal 
concepts with the generalisation-specialisation ordering form a conceptual hierarchy 
for the context K that is a complete lattice, denoted by B(G,M,I). Concepts are placed 
in a lattice structure in which meet and join of any combination of elements are given 
by: 

Ajej(Aj, Bj) = (njejAj, ( U.ejBJ)”) (3) 

VjGj(AJ, Bj) = ((u.£jAj)”, nj^jBj) 

This concept lattice not only contains concepts corresponding to each object but 
also concepts corresponding to the meet and join of other concepts. This feature leads 
us to solve (in part) the problem that arises when working with automatic knowledge 
extraction for knowledge based systems. In fact using FCA “richness of knowledge in 
data stored leads us to richness in knowledge extracted and classified”. FCA has the 
advantage that much of the mathematics required for data manipulation in the appli- 
cations can be borrowed directly from lattice theory. 

Moreover, concept lattices can be represented graphically by line (or Hasse) dia- 
grams. These structures are composed of nodes and links. Each node represents a 
concept with its associated description (i.e. the intension and the extension of the 
concept). The links connecting a node to its children specify an “is-a” or subset rela- 
tion, indicating that the parent's extension is a superset of each child's extension. 
More abstract or general nodes occur higher in the hierarchy, whereas more specific 
ones occur at lower level (Fig. 1 shows the lattice of the computer example). That 
means that most of the FCA applications can be supported by graphical representa- 
tions that simplify the presentation of information and the interaction with users [7]. 



3 Integration of Technologies in Aran 

Aran is an intelligent help assistant for the UNIX operating system. Aran integrates 
different “standard” technologies to provide the help facilities. The aim is to simplify 
user access, selection and understanding of the information needed to overcome the 
user’s current problem, while, at the same time, offering the user the possibility to 
expand his knowledge of the operating system. The integrated technologies are: hy- 
pertext, statistical information retrieval, formal concept analysis (FCA), explicit 
knowledge representation and user modelling. Aran uses hypertext techniques as a 
tool to navigate the information and to interact with the system. The information 
retrieval technique facilitates the access to documents. FCA facilitates the organisa- 
tion, the knowledge extraction and the access to the information contained in the 
Unix documentation. The domain knowledge representation simplifies access, under- 
standing and integration of the information for the user. Adapting the system to the 
individual user’s characteristics is done with the information stored in the user model. 
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TOP 




Intension of 
concept A 
mm, nt 



Extension of 
concept A 
Cl, C3 



Fig. 1. Lattice of the computer context presented in Table 1 

Others help systems present only ad hoc information to the user, but Aran reuses 
the complete documentation that is shipped, in electronic format (manual pages), 
within the operating system. Three types of indexing is done to this documentation: a) 
knowledge-based indexing, the documents are indexed using the concepts (mainly the 
actions) of the domain model; b) statistical free text indexing, the documents are 
indexed by terms automatically extracted from the text [10]; c) FCA or automatic 
indexing. In our domain the documents (objects) are related with a set of descriptors 
(or attributes). This object- attribute relation is used as a formal context to derive all 
the formal concepts that will be indexed following their generalisation-specialisation 
hierarchical structure. 

Aran provides a direct manipulation, graphical user interface that supports three 
different, but related, interaction modes. These three operating modes correspond to 
the three kinds of textual information indexing. In the browsing mode, menus and 
mouse-sensitive representations of the domain model are employed for accessing the 
domain information and documentation (see Fig. 2). This direct interaction with the 
domain model will help the user to acquire a complete and accurate model of the 
Unix system. The question mode, where the user makes requests for information 
using natural language obtaining a ranked list of relevant documents. The descriptor 
selection mode, where the user chooses the descriptors incrementally from a list (pro- 
vided by Aran) obtaining all documents where those descriptors appear (see Fig. 3). If 
the user selects a document using the question mode or the descriptor selection mode 
and he switches to the browsing mode, the visualisation of the domain will be centred 
in the concepts that index this document. 

In Aran we have a complex domain of discourse: in UNIX there are around forty 
basics commands and more than four hundred user’s commands. UNIX is a complex 
domain where there is no a general agreement on how to organise and on how to 
present all the implied concepts to the learner [1]. A more detailed description of 
Aran and of our approach to the IHS construction can be found elsewhere [2, 5]. 
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:HAiqGE-SYSTEM-VAPiIABLE] 




Fig. 2. Partial hierarchy of actions used to index Unix information. The interaction with this 
domain model is done via a browsing interface. 



4 Information Indexing 

As we are mainly interested in organising and structuring domain information (and 
not only its access) we will present in more detail the indexing done with the knowl- 
edge base and with the formal concept analysis 



4.1 Knowledge-Based Indexing 

The core of Aran is a knowledge base where the different types of knowledge and 
information are represented and organised and it includes a model of the domain. The 
domain knowledge is a conceptual model of the Unix operating system that tries to 
reflect its information design, technical aspects of the domain as well as a user’s view 
and his/her use of the system. This model allows the organisation and indexing of 
different kinds of topics around the key concepts of the domain. 

We have reused a representation similar to that of the Sinix Consultant [6] obtain- 
ing a taxonomic hierarchy of concepts according to different views of the domain 
concepts. In the knowledge base, the world of Unix concepts is divided into entities. 
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which correspond to Unix (virtual) objects (e.g. file, process, system variable), and 
actions or operations which involve these objects (e.g. change, communicate with 
user). Higher-level concepts in the taxonomy reflect more general objects or actions. 

We will focus on the taxonomy of actions because command information (and 
manual pages) is indexed using mainly the actions. Here the formation of general 
actions and its classification was directed by two independent and orthogonal criteria: 
thematic and semantic. Actions like system administration or file manipulation are 
examples of thematic general concepts that group actions with a similar topic or that 
act on similar objects (correspond roughly with Unix book themes). The basic idea of 
the semantic classification is to describe the commands by their similar effects (even 
if they act upon different objects) using a set of “basic” actions that will be later spe- 
cialised. Change or inform are examples of these kind of general actions. 



Shovi Doc^ctiknt: hdd 
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I-CHKE^ 
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Fig. 3. Aran descriptor selection interface. Commands (documents) that contain the descriptor 
change and the list of remaining significant descriptors are shown. Now the user is selecting 

the descriptor mode. 

The individual Unix commands and objects are represented and manually indexed 
as instances of actions and entities, respectively. The commands representation take 
into account different aspects: syntactic (e.g. name, syntax), semantics (e.g. descrip- 
tion text) and pragmatic/tutorial (e.g. related commands, prerequisite concepts, re- 
lated concepts). From this representation the user has direct access to the related in- 
formation and documentation. 

Loom, a language and environment for knowledge representation and reasoning 
[9], descendant of the KL-ONE system, is the representation tool that we have chosen 
to deal with the diversity and complexity of these knowledge sources. Loom has the 
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ability to automatically classify the structured definition of a concept with respect to a 
taxonomy of other concepts. The knowledge base is implemented as a frame network 
(with inheritance), where every node represents a concept. Concepts are restricted by 
a number of slots that relate them to other nodes in the network. Along with this 
taxonomic-based reasoning, Loom features an object-oriented assertional language 
which is dynamically truth maintained and supports rule based programming. These 
characteristics of the Loom systems simplify the construction and management of the 
knowledge base, in particular the dynamic maintenance of the user model and the 
general coherence of the domain model [5]. 



4.2 Formal Concept Analysis Indexing 

Aran made a simple use of FCA as a tool to index, according to formal concepts, the 
initially poorly organised electronic documentation of the UNIX Operating System 
(manual pages of the section 1, user commands). Normally, documents of the manual 
have a short description section, with one or two lines, that describes the purpose of 
the related command. The words used in these descriptions are very significant in the 
UNIX domain and can be understood by a wide range of users. We have chosen these 
words, or descriptors, as the attributes, and the commands as the objects of our con- 
text. Consequently, in Aran we define a formal context K=(G,M,I), where the objects 
are the set of commands G, the attributes are the set of all descriptors assigned to 
these commands, M, and I is the “has” relationship between commands and descrip- 
tors. A pair (A, B), where A is a subset of G and B is a subset of M, is a formal con- 
cept of this context, if B consist of precisely those descriptors which apply to all 
commands from A. That way, a subset of commands A will be the extension of a 
concept, if and only if, there are no more commands that share the same set of de- 
scriptors. The equivalent reasoning can be done with attributes. 

The set of all descriptors and the descriptors that apply to each UNIX command 
are semi-automatically obtained from the short description of its related document. 
First, we use a stop list to remove from the description the common words that are 
insufficiently specific to represent content -i.e. such as the, of, a, etc. Then words with 
similar meaning, like plurals or -ing forms, are manually reduced to a single term. 
This can be regarded as a semi-automatic indexing stage needed to be done initially 
and once the document collection has changed. This approach is general, domain 
independent, and can be applied to other collections that do not have a short descrip- 
tion [3]. For example, the command "cp" short description is "change work directory" 
and its assigned descriptors are: "change", "work" and "directory" [11]. 

FCA indexing simplifies the organisation of the information available and the user 
access to the documents. Organisation of the documents is made using the automatic 
clustering feature of FCA. This feature allows the automatic creation of a concept 
hierarchy to be used in a navigational way and where the user can specialise his in- 
formation requirements while, at the same time, the system shows him all the possible 
commands related with his needs. On the other hand, this structure can be potentially 
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exploited by IHS designers to discover complementary ways of organising domain 
information. 

User access to information is implemented in Aran as follows: when the user se- 
lects a descriptor (from the list provided by Aran) he accesses the more general con- 
cept that includes this descriptor in its intension. Normally, this concept will have 
subconcepts. The help process is to guide the user from this general concept to its 
more specific subconcepts. User queries are a set of descriptors that will obtain all 
commands (documents) with at least those descriptors assigned. For example, if the 
user selects the descriptor directory (from the list provided by Aran's interface), he 
will obtain the different commands to manipulate UNIX directories (e.g. cd, dircmp, 
du, Is, mkdir, organizer, pwd, rm, rmdir) and the Internet user name directory service 
(e.g. whois). Then all descriptors that apply to these commands are calculated and 
displayed (minus previously selected descriptors and those shared by all recovered 
commands). This way the user can select these incrementally compatible descriptors 
and gain access to more specific subconcepts. Following with the previous example, 
if the user selects internet, he will only obtain the command whois, and as this com- 
mand produces a concept object (i.e. it has no subconcepts) the list of selectable de- 
scriptor will appear empty. Each step of this interactive process of descriptor selection 
refines the query and it reduces both the significant remaining descriptors and the 
selected commands. This process guarantees that no less than one command is ob- 
tained and then we can access the related document. 

When helping user to access information, Aran does not explicitly or graphically 
presents to the user domain formal concepts but implicitly uses formal concepts lat- 
tice to guide the information search. In Aran we have designed an alternative inter- 
face that simplifies the interaction and speeds up the search process (see Fig. 4). With 
this interface at any step, the user can select any of the more specific descriptors 
hence it is not necessary to follow, step by step, the lines of the concept diagram (in 
the Fig. 4 we can see two different search paths in the lattice). This process enables a 
formally founded and easy to use information access because the induced concept 
lattice permits fast incremental search with effective feedback to the user [8]. 



5 Domain Analysis Using Formal Concept Analysis 



FCA is also being used in Aran for domain analysis and information structuring. 
Nevertheless, this part of the FCA module is at this time mainly a designer's tool 
where we use crude conceptual lattices. As we state in previous section, the UNIX 
domain is a complex domain that has more than four hundred user's commands, so 
we start working with subcontexts generated by attributes that we select as specially 
important. Human computer interaction depends on the size of the lattice and on the 
information displayed in the lattice. One small lattice could be displayed entirely (not 
necessarily as a Hasse or line diagram) and medium-large lattices could be simplified 
showing only the sublattice corresponding to an attribute. 
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Fig. 4. Concept lattice for several Unix commands with two search paths to access the com- 
mand chmod. One of them correspond to the two steps query specification by the selection of 
change and mode -as shown in Fig. 3-. But if the user selects the descriptor permission the 
command is obtained in only one selection. 

For example, in Figure 5 we can see the induced lattice of all the commands that 
have the attribute "job" in its short description. At the first level of the "job" induced 
lattice we can read out that a UNIX job can be related to “printer”, “queue”, “at”, 
“remove” and “uucp control inquiry status”, but using our previously stated lattice 
operations (see Sect. 2.1) we can obtain that {printer}’ , {at}' and { uucp control in- 
quiry status}' are disjoint sets of UNIX commands, but that the sets {queue}' and 
{remove}' have common elements with {printer}' and {at}'. What are the qualitative, 
or intuitive, implications of these stated results? The first statement tell us that in 
UNIX we have three different sets of commands: the set { printer }'= {Ipr, Ipq, Iprm} 
to manipulate printer jobs, the set {at}' = {atq, atrm} to schedule jobs, and the set 
{uucp, control, inquiry, status}' = {uustat} to report about transfer operations to other 
systems. The second statement tell us that queue is a common element to scheduled 
and printer 'j: jobs as are the actions of display and remove elements from the queue. 
At this point it is important to notice that in our context “at” appears as a “corrupted” 
attribute, because it is being used as both a time preposition and as the UNIX com- 
mand "at". In this case it is not a problem because the semantic of the command “at” 
is clearly related to the meaning of the preposition “at". 




122 



Until now we have used this FCA technique as a designer’s tool to check Aran’s 
knowledge base, but we are planning to make this information available to users by 
means of a suitable user interface. 




Fig. 5. Concept lattice for the commands containing in its short description. 



6. Conclusions 

The major contribution of this work is to produce a robust intelligent assistant by 
means of integrating in the same different techniques. More specifically, we put the 
stress in the mode how the explicit domain knowledge representation is comple- 
mented with formal concept analysis to simplify information access and to enrich the 
conceptual network. These automatic and manual approach could appear as compet- 
ing formal tools, where many of the benefits obtained from FCA would be equally 
obtained using the facilities offered by the LOOM system. But we consider FCA 
brings many benefits such as that it provides a formal, well founded and easy-to-use 
approach that can improve the interaction between learner and system. Also, FCA 
provides a framework in which we can automatically build a conceptual network 
which organises all domain objects taking into account all its characteristics. 
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The next steps of this research will be to produce general applications that expand 
the applicability of FCA as a tool to organise the information handled by other edu- 
cational software. Also, we are planning to create standalone FCA applications to be 
used as a tool to simplify domain analysis. 
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Abstract. This paper presents a knowledge-level analysis of the task 
program supervision based on two different systems: PEGASE and PUL- 
SAR. A knowledge-level analysis of a knowledge-based system reveals the 
organisation of the knowledge it uses, and how it uses this knowledge to 
solve the task. It is also the key to determine the set of properties that 
it assumes on domain knowledge. These aspects have been successfully 
used as a framework to compare different systems, mostly for knowledge 
engineering purposes. Our purpose is to use assumptions as the proper- 
ties that the knowledge base must verify. 



1 Introduction 

Program Supervision (PS) consists in the automation of the use of an existing 
program library, independently of any individual application. Given a user’s re- 
quest expressing a processing goal, a combination of programs has to be selected, 
scheduled, executed, and the execution monitored to ensure that no unexpected 
results are produced. 

Several systems have been used to supervise image processing libraries for 
different applications: visual inspection for flaw detection in metal components 
(VSDE [1]), road-scene obstacle detection (OCAPI [8]), and analysis of inter- 
planetary images (MVP [4]). PS systems are often knowledge-based systems 
which encapsulate the knowledge about the correct use of programs. 

This paper presents a knowledge modeling of two PS systems: PEGASE [10] 
and PULSAR [9]. Our first aim was to obtain a precise characterisation of these 
systems in terms of the properties that they assume on domain knowledge, with 
the purpose of exploiting them in the construction of knowledge base verification 
tools [6]. A knowledge-level analysis fits well our needs. 

A knowledge-level analysis of a knowledge-based system abstracts from im- 
plementation details and reveals the organisation of the knowledge it uses, and 
how it uses this knowledge to solve the task, i.e. which problem-solving method 
it employs [7]. It is also the key to determine the set of properties that the 

* Her work has been carried out at INRIA and has been financed by the grant 
PF95 19899400 from the Spanish Ministry of Education and Culture. 
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problem-solving method assumes on domain knowledge. These properties make 
explicit the connection between the problem-solving method and the domain 
knowledge [2]. They have been successfully exploited for knowledge engineering 
purposes, e.g. to find out to which domains a certain problem-solving method is 
applicable, or which problem-solving method is more suitable for a given domain 
[2]. Our purpose is to use the assumptions of the problem-solving method over 
the domain knowledge as the properties that the knowledge base must verify. A 
knowledge-level analysis, however, has other interesting outcomes. 

This paper is organised as follows. First the CommonKADS-based framework 
for our knowledge modeling is described in section 2. Section 3 briefiy introduces 
PS systems. The task model is presented in sections 4, 5, and 6. Finally, section 7 
presents the conclusions. 

2 A CommonKADS-based framework 

Different frameworks for the specification of knowledge-based systems follow the 
CommonKADS model of expertise [11]. In CommonKADS the following elements 
are used to describe a knowledge-based system: 

- Task definition^ which describes the problem that the system solves as an 
input-output relation. 

- Problem-solving method (PSM), which describes how the task is achieved, 
including the main reasoning steps and the control over them. 

- Domain ontology and domain model A domain ontology refers to the vocab- 
ulary used to express the domain knowledge. A domain model is the domain 
knowledge structured as the PSM requires for reasoning. 

The framework used in [2] includes the features that the PSM requires on 
domain knowledge [assumptions of the PSM). In [5] other types of assumptions 
are considered: the assumptions of the task over the domain knowledge, and the 
assumptions needed to ensure that the PSM can solve the task. Figure 1 shows 
how assumptions relate the elements of a knowledge-based system. 



Task Definition solves Task Problem-Solving Method 

I / I 

Task ' ' / PSM 

assumptions ' ' assumptions ‘ assumptions 

^ Domain Model 



Fig. 1 . The elements of a knowledge-based system and their assumptions 



In this paper we deal with the concepts of task, PSMs, domain model, and 
PSM assumptions. In the next section we introduce the architecture of the PS 
systems that have been the object of our knowledge modeling. Afterwards we 
present PS domain model, PS task and PSMs (PS methods henceforth), and the 
requirements or assumptions of PS methods. 
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3 Program Supervision Systems 

PS systems are knowledge-based systems which encapsulate the knowledge about 
the correct use of a library of programs. A PS system is composed of a reusable 
PS engine, a knowledge base capturing the expert’s knowledge about the use of 
programs, and the library itself. Next we briefly describe these parts. 

3.1 Knowledge base 

The knowledge base encapsulates expertise on programs and processing. It con- 
tains instances of PS specific concepts such as processing goals, operators (corre- 
sponding to programs and their use), operator arguments and parameters, etc. 
The knowledge base may also include expertise to perform automatically dif- 
ferent actions, such as initialisation of operator parameters, evaluation of the 
results of operator execution, etc. 

3.2 Engine 

The behavior of a PS engine can coarsely be divided into four steps. First a plan- 
ning step determines the best (partial) plan to reach the goals defined by the 
user’s request. Then the execution of the (partial) plan is triggered, i.e. the indi- 
vidual programs in the plan are executed. The results of the program execution 
are passed on to an evaluation step that assesses their quality. This evaluation 
can be done either automatically by using the expertise in the knowledge base or 
interactively by the user. Finally if the assessment of results is negative, a repair 
step applies the appropriate corrective action. Otherwise the process continues 
with the planning step for the remaining (sub) goals, if there are any. 

Although the described behavior is quite general, variations are possible. 
For instance, at high level, planning and execution may be interleaved because 
each planning step may depend on information that is only available after the 
execution of previous programs in the plan. At a lower level, some basic steps 
can be performed in a more or less complex way. 

The knowledge analysis presented in this paper is based on two PS engines: 
PEGASE and PULSAR. Both can be seen as successors of OCAPI [8] which 
improve it in different manners. OCAPI performs planning using hierarchical 
plans and only provides operator re-execution as repair mechanism. PEGASE 
[10] incorporates richer repair mechanisms. PULSAR (in concrete, PULSAR-IU 
in [9]) uses a combination of operator-based and hierarchical planning, and a 
subset of PEGASE repair mechanisms. 

4 Program Supervision Domain Model 

In this section we present PS concepts structured as PS methods require, i.e. 
the PS domain model. The concepts taking part in PS are the basic ones we 
have mentioned above, i.e. goal, operator, argument, and parameter, but also 
those needed to describe PS task, such as operator knowledge base, problem 
specification, and problem solution. 
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4.1 Basic Concepts 

Goal A goal represents a processing function that a PS system can perform. It 
is often used to establish the link between a function and the operators that 
achieve it. 

Operator An operator describes either an individual library program or a more 
or less complex combination of programs. Two types of operators are distin- 
guished. A primitive operator describes a library program. A compound operator 
is described by means of a set of suboperators (or decomposition), which can 
be in turn compound or primitive ones. The decomposition of a compound op- 
erator can represent, e.g. a specialisation (choice), or a sequence. By means of 
decompositions operators are described at different levels of abstraction. The 
description of an operator at all levels of abstraction constitutes a hierarchical 
operator. 

An operator contains two types of information, namely about the function 
it performs and about the resolution process it employs. Regarding operator 
function, we find the information to allow operator selection in the appropriate 
situations: 

- functionality or function that the operator performs. 

- characteristics or typical properties of the operator. 

- input and output arguments. 

- parameters, i.e. tunable arguments. 

- preconditions or logical formula stating the applicability conditions of the 
operator. 

- effects or logical formula representing the operator side-effects. 

- postconditions or logical formula that must hold after execution. 

Regarding operator resolution process, the information depends on the type 
of operator. The information common to both types of operators is: 

- initialisation criteria to initialise parameter values. 

- evaluation criteria to check the results of operator execution and detect and 
diagnose any problem. The diagnosis is expressed as a global assessment on 
the operator application and/or tuning combined with an assessment on an 
argument or parameter. 

- repair criteria indicate how diagnosed problems have to be solved. The al- 
ternatives can be re-executing the operator, transmitting the problem to 
another operator, or backtracking to a choice point. In case of operator re- 
execution, adjustment criteria are needed for parameter adjustment. 

Primitive operators include information regarding the calling interface of the 
library program (program call). Compound operators include: 

- data distribution or the way in which input (output) arguments or parameters 
are connected to the input (output) of their suboperators. 

- in sequential decompositions, data flow or the connections among output and 
input arguments of the suboperators in the sequence. 

- in specialisation decompositions, choice criteria allowing to select a candidate 
for the specialisation in the current situation. 
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Criteria The different criteria that have been mentioned have typically the struc- 
ture of rule bases. Other alternatives are possible, however. 

4.2 Additional Concepts 

Operator knowledge base The operator knowledge base groups a set of operators, 
compound or primitive ones, and possibly a set of goals describing them at a 
more abstract level. 

Problem specification A problem specification consists of the intended processing 
goal, the input data, the type required for the output data, the initial state 
(domain objects constituting the problem context), and the constraints that 
must hold in the solution state. 

Problem solution A problem solution consists of a plan, which is a set of operators 
aimed at solving the problem specification, plus the final state with the results 
of the execution of this plan. Alternatives for plan structure are, e.g. ordered set 
of operators or unordered set of operators. 



5 Program Supervision Task and Methods 

The PS task receives as input a problem specification together with an opera- 
tor knowledge base, and produces as output a plan, a final state, and a result 
description indicating if the plan was successfully executed or not. 

The analysis of PULSAR and PEGASE has revealed the basic subtasks of 
PS. Figure 2 depicts the high-level subtasks using a task-method decomposition 
structure. 

We see that supervise can be performed by a method which consists of an 
initialisation step plus the step plan an execute. PULSAR and PEGASE methods 
for plan and execute are different, as well as other methods at lower levels. In 
the following paragraphs we describe these different realizations and elaborate 
on the assumptions they make on domain knowledge (labelled from (a) to (o)). 
Notice that, due to a lack of space, no explicit representation of control is given. 

Plan and execute This subtask consists of the steps expand plan, select plan, and 
execute plan. 

PEGASE plan and execute performs one plan expansion and then searches 
for a plan that, after a successful execution, solves the problem. PEGASE only 
performs one expansion under the assumption that individual operators contain 
enough information to solve a problem (a), and therefore it is more suitable for 
knowledge bases containing hierarchical operators. 

PULSAR plan and execute searches for a solution trying every additional plan 
expansion (recursive call to PULSAR plan and execute) once an expanded plan 
has been successfully executed. It makes no assumption on the organisation of 
the operator knowledge base. 
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Fig. 2. A task-method decomposition structure for program supervision 



Expand plan It consists of select and order operators and integrate operators. 
According to some heuristics, it selects the candidate operators from the operator 
knowledge base, orders them, and then integrates them in the current plan. The 
result is a set of expanded plans. This task is similar in both engines. The 
differences reside in the heuristics used in its subtasks. 



Select and order operators Different heuristics can be used to determine the oper- 
ators to be incorporated in the current plan and to order them. These differences 
are made explicit in the alternative realizations of select operators and order oper- 
ators. The used heuristics impose assumptions (b). For instance, PULSAR select 
operators is based on a matching between problem specification constraints and 
operator effects, and thus assumes that the operator knowledge base contains 
knowledge about effects. 



Integrate operators The methods to perform integrate operators depend on the 
plan structure and hence they make assumptions on this structure (c). In PE- 
GASE a plan is a single (hierarchical) operator whereas in PULSAR it is an 
unordered set of operators. As PEGASE integrate operators and PULSAR inte- 
grate operators simply incorporate the operator without any commitment on the 
order, no more assumptions are made. 
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Select plan Once all possible plans have been expanded, one of them must be 
selected to be executed. This can be done in a more or less smart way, however, 
the method used in both engines consists simply in selecting the first plan. No 
assumptions are made. 

Execute plan It corresponds to the selection of an applicable operator from the 
plan (select plan operator), and its refinement or execution (refine and execute 
operator). This is done in PEGASE merely once, again due to plan structure. 
PEGASE select plan operator is trivial and makes no assumption for the same 
reason. PULSAR proceeds along the operators in the plan, while the evaluation 
of the execution results is positive. PULSAR select plan operator performs selec- 
tion based on operator preconditions. It assumes that the operator knowledge 
base contains this knowledge (d). 

Refine and execute operator This subtask is showed in figure 3. First the op- 
erator parameters are initialised and then the operator is executed if it is a 
primitive one, specialised or decomposed otherwise. Afterwards the execution 
results are evaluated, and if necessary the operator is repaired. Each of these 
actions corresponds to a subtask. 




Fig. 3. A task-method decomposition structure for refine and execute operator 



Initialise parameters For a correct parameter initialisation, the initialisation cri- 
teria of the operator must in principle give means to initialise all parameters 

(e) . This assumption is made concrete in the realization of the subtask. The 
method used in both engines is rule-based initialise parameters, which consists in 
the application of forward chaining to the initialisation criteria of the operator. 
The first assumption is that the initialisation criteria have the form of a rule base 

(f) . It makes other assumptions on the contents of this rule base, e.g. that there 
is at least one rule for parameter (completeness of the rule base with respect to 
the parameters set), and that the rules initialising a parameter cover all possible 
situations (completeness of the rule set initialising a parameter), (g) and (h). 

Execute operator This subtask actually calls the program in the library and 
collects the execution results. 
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Specialise operator This subtask first obtains the candidates for the specialisa- 
tion in the current situation using the choice criteria of the operator (performed 
by rule-based choose operators). Then, PEGASE refines and executes the best 
candidate in terms of the number of times it has been chosen. PULSAR, never- 
theless, searches for a suboperator that can be successfully refined and executed 
in the whole set of candidates. PULSAR assumes that choice criteria can select 
multiple candidates (i), and thus it is more suitable for choice criteria selecting 
more than one candidate. 

Decompose sequence This subtask obtains the suboperators in the decomposi- 
tion, and refines or executes every suboperator sequentially. PULSAR performs 
an intermediary evaluation step after treating each suboperator, as well as the 
corresponding repair step. It assumes that the operator has knowledge about the 
required performance of the individual suboperators in the sequence (j). 

Evaluate results The method used in both engines for this subtask is rule-based 
evaluate results, which implies the application of forward chaining to the evalua- 
tion criteria of the operator. It assumes that the evaluation criteria have the form 
of a rule base (k). 

Repair operator This subtask first obtains the appropriate repair action in the 
current situation. This is usually done by rule-based repair operator, which per- 
forms one forward chaining step on the repair criteria of the operator and thus 
assumes that they have the form of a rule base (1). Then either a re-execution 
(with the corresponding parameter adjustment) or the appropriate repair sub- 
task is activated depending on the repair action. This repair subtask in general 
propagates the problem to a target operator and forces its repair. PEGASE and 
PULSAR differ in the repair subtasks that they incorporate. 

Since repair operator treats the problem diagnosed by the evaluation step, a 
basic assumption is the completeness of the repair knowledge with respect to 
the knowledge used for evaluation (m). This means that all problems diagnosed 
by the evaluation criteria are treated in the repair criteria. Moreover, the repair 
knowledge must be complete with respect to the problems propagated to the 
operator by the repair knowledge of any other operator (n). A different assump- 
tion concerns the correctness of repair paths in case of problem propagation (o), 
i.e. the chaining of repair actions must be continuous and end with an action to 
solve the problem, e.g. a re-execution. 

6 Assumptions of Program Supervision Methods 

The assumptions presented have been identified informally from the information 
on the knowledge utilisation provided by the (sub)task-method decomposition 
description. Particularly: 

- each task determines the precise role of the knowledge it uses and imposes 
general assumptions. 
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- the detailed description of the method that performs the task usually imposes 
additional assumptions. They can make reference to required knowledge, to 
the structure or form of the knowledge, or to any other requirement so that 
the method works properly. They can also restate the general assumptions 
of the task. 

For example, initialise parameters assumes that the initialisation criteria give 
an initial value to all parameters (e). The method rule-based initialise parameters 
requires that the initialisation criteria have the form of a rule base (f). At the 
same time, it restates the general assumption taking into account this form, (g) 
and (h). 

The conceptual organisation for assumptions in [3] distinguishes epistemolog- 
ical, pragmatic and teleological assumptions. Epistemological assumptions refer 
to the knowledge required by the PSM. These are further divided into avail- 
ability and property assumptions, both referring to domain knowledge. In [6] we 
proposed to distinguish the properties that are critical for the proper functioning 
of the method {compulsory) from those that are only advisable {desirable). 

In PS methods we find mainly: 

- assumptions on availability of knowledge to perform certain tasks (availabil- 
ity assumptions). Examples related to the use of selection/ordering heuristics 
are (b) and (d). A different one is (j). 

- assumptions about required knowledge structure (property assumptions). 
See (c) and (f). 

- assumptions on other knowledge characteristics, critical or not (compulsory 
or desirable property assumptions). See (g) and (h) as examples of compul- 
sory properties, (a) and (i) as desirable ones. 

The assumptions of PS methods specify what they need to operate. They can 
be exploited to select a PS method for a target domain. For instance, assumption 
(a) of PEGASE plan and execute implicitly states that it handles hierarchical 
operators. This feature, although too structure-oriented, can be used to select 
the method for domains in which operator functions are “naturally” seen as 
combinations of actions [2]. 

7 Conclusions 

The characterisation of PS systems in terms of the assumptions they make on 
domain knowledge can be used for verification purposes. Actually, the assump- 
tions or requirements of a PS system indicate the properties that the knowledge 
base should verify [6]. This was the initial motivation of our knowledge modeling. 

Furthermore, PS system characterisation can be used to determine the ad- 
equacy of the system to the target domain. This is an important issue when 
deciding which PS system is to be used for engineering a new application, be- 
cause the success of the final application will often depend on the adequacy of 
the chosen system to the features of the domain rather than on the efficiency of 
the algorithms that implement that system [7]. 
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Another interesting result is that the PS task-method decomposition can be 
seen as a high-level specification of PS methods that could be used to design new 
PS systems, e.g. by changing the control of a given method or incorporating new 
steps. Jointly with method assumptions, it can be used to design the knowledge 
acquisition or verification tool adapted to a given PS system. 

Based on method assumptions, we are currently implementing the verification 
modules necessary to verify knowledge bases for PS systems. We also investigate 
the use of a software verification tool for the detection of hidden assumptions, 
in the line of the work in [5]. 
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Abstract. Modelling syllogistic - inferential processes in polyvalent logic by 
diachronic syllogistic structures, we realise their QUADRI DIMENSIONAL 
interpretation, in the paper, by relational - objectual - propertational chains 
convergent in diachronic spaces. Aristotle considered the definition the motor 
nerve of syllogistic deduction, the medium term being a definition. Leibnitz 
conceived the definition as the beginning and end of any demonstration, a 
demonstration being nothing but a chain of definition. The concept of structure, 
implying a topological relational approach designates the necessary relations 
between the elements of a system, invariant and independent of the elements, 
therefore formalizable the structure constituting an abstract model capable of 
making the rules, governing the transformations, rationally intelligible. Structuring 
the concepts and the assertions of scientific theories according to the rules of 
syllogistic definability and deductibility systems are obtained, which underlie the 
realization of the Universal Knowledge Basis. 



1 Theoretical Basis. Conceptualizations. Formalization. 

Generating systems, formalization fulfils the function of thorough analysis of knowledge 
fields. Concept formalization implies their analysis, contributing to their clarifying and 
explanation. Formalization facilitates the understanding of demonstration or theory, 
clarifying and consolidating demonstrations and reasoning. 

Concepts can be considered results of formalization or abstraction, serving as 
instruments of thinking and research which enable us to save brain resources. Scientific 
theories consist of bodies of concepts and sets of assertions. The problem of 
understanding a concept or that of verifying the truth of an assertion implies a start from 
small number of concepts and primitive proposition named axioms or postulates. A 
concept can be explained or defined by means of other concepts. 

The truth of an assertion is to be inferred from other accepted assertions. Starting 
from small number of ideas and primitive propositions, the lineal approach gives the 
possibility of concentrating matters of significance and truth in the initial primitive 
elements; it also involves typical modalities of definition and inference. If the 
propositions and concepts of a theory are disposed according to definability and 
inferability links, an axiomatic system of the theory can be obtained. 

Aristotle turns definition into the motor of syllogistic inference, the medial term 
being a definition. According to Leibniz, definition is the beginning and the end of any 
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demonstration, the latter being nothing but a chain of definitions. E. Russel states that 
’’definition is undefinable and it is not even a definite notion”. In traditional logic 
treatises it is shown that a definition is asserted by the genus proximum et differentia 
specifica. As a restriction, it is pointed out that a definition shouldn’t be constructed 
’’idem per idem”; it shouldn’t be tautologic as it is impossible to define the definite by 
means of a more developed form of the false definition ’’circulus in definendo” or 
’’dialela” each thing should be defined by means of another, either of them being defined 
by other's elements. 

The concept of structure designates the ’’constellation” of necessary relationships, 
invariable and independent from the elements, therefore formalizable, which offer the 
explanation of the "coder of all the possible transformations within the given system. 
A system becomes completely unintelligible if its parts are studies separately, as it has 
new properties, distinct from those of its components and not derivable from their sum. 
By constructing abstract models, it is possible to observe invariable relations which 
explain the structure and dynamics of systems. J. Piaget defines the structure of a system 
a coherent assembly of transformations, which ensures the selfregulation of a totality. 

By a concept of structure as an abstract model, the rules govern transformations and 
ensure the frmctionality of a system become rationally intelligible.In the methodological 
strategy of stmcturalism, the mle of diachronic variation enables the explanation of 
system variations by stmctural variants. There is a distinction between ’’synchronic” 
which designates the relationship between coexistent terms, and diachronic” which 
refers to the relationship between successive terms. Therefore, stmctural analysis 
consists of a topological and relational approach. 

Applying stmctural analysis rules, especially the immanence mle, analysis is 
exclusively focused on the interior of the investigated field, operating temporarily, from 
methodological reasons, a closing of the respective field. The interval stmcture of a 
knowledge field is established not on grounds of resembling, but of differences, by 
grouping and ordering differences, more exactly binary opposition, where there are 
complementary relations between the elements. The activity of ordering differences or 
binary opposition will be named dichotomic division. 

Dichotomic division consists of dividing a field associated to an object into a 
species object and its complementary, so as the following relations should be observed: 
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1.1 Axioms - The Fundamentals Of Aristotelian Syllogistic Construction 

Aristotle was the first to formulate ideas on the deductive method of logic. Transposing 
his ideas in the world of current concepts, by deductive science, Aristotle understands 
a system S of notions and sentences made up so that: 

a) all the sentences in the system S should refer to one and the same domain of 
objects and relations between objects; 

b) any sentences in the system S can be a tme sentences; 

c) if certain sentences belong to the system S, then other sentences which can be 
deduced from them according to the laws of logic have to belong to the system S; 
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d) a finite set of notions should be given in the system S, so that their meaning 
should not need any explanation, while the meaning of the remaining notions in the 
system should be defined with the aid of the first group of notions; 

e) in the system S a finite number of sentences should be given which are 
constructed in a such a way that their truth should be evident, while any other sentence 
in S could be deduced fi^om these sentences according to the laws of logic. The 
sentences whose truth is evident and which are placed ahead a deductive system are 
called axioms in traditional logic. The axioms were taken by Aristotle as fundamentals 
of his syllogistic. 

Wang Hao consider that any scientific theory comprises a body of concepts and a 
large number of assertions. 

The meaning of a concept can be explained or defined by means of other concepts. 

The truth of an assertion can be determined by deducing it from other accepted 
assertions. When the concepts and the sentences of a theory are arranged according to 
the definability and deductibility relations, an axiomatic system of theory is obtained. 

1.2 On Structure And Structural Analysis Rules 

The structure concepts designates "the constellation"of necessary invariant relations, 
independent of the elements, therefore formalizable, which offer the "code" explanation 
to all the possible transformations within the given system. 

By constructing abstract models, invariant relations are detected, which can explain 
the system physiognomy and dynamics. 

J. Piaget considers the structure of a system as an ensemble of coherent 
transformations, which ensures the self - regulation of a totality. 

Through the structure concept, as an abstract model, the rules governing the 
transformations and ensuring a system functionality become rationally intelligible. 

In the methodological strategy of structuralism, the rule of diachronic, variation 
enables explaining the system variations by structural invariants. 

A distinction is made between "synchronic" designating the relationship between 
successive terms, therefore structural analysis lies in a topological and relational 
approach. 

Applying the structural analysis rules, and first of all the immanence rule, the 
analysis is exclusively focused inside the domain under investigation, operating 
temporarily, for methodological reasons, a closing of the respective domain. 

The internal structure of a domain of knowledge is established not on the basis of 
resemblances but of differences, by grouping and ordering differences more exactly 
binary opposition, where the relations between the elements are of complementarity. 

1.3. The Principle of Sufficient Reason 

Leibniz elaborates the principle of sufficient reason and formulates it as follows: ''The 
meaning of sufficient reason (Raison suffisante) is that no fact can be considered true 
or suffiicient and no sentence can be considered true without the existence of a sufficient 
motivation for why it is like this and not otherwise”. 

Schoppenhauer consecrated to this principle the paper entitled "The Quadruple 
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Root of Sufficient Reason”, in which he distinguishes the following forms of this 
principle: the principle of sufficient reason of existence, of becoming, of knowledge and 
of action, involving the following aspects: existence, cause, knowledge and motive. 

1.4 Scientia Generalis 

Leibniz, by elaborating "characteristica universalis”, i.e. ” a general system of signs 
and formulae” so that in a certain scientific system to each object relationship 
corresponds a sign, believed in the possibility of constructing a general science. 

Within the frame of this science, named "scientia generalis", the principles of the 
"general methodology" of sciences can be elaborated. 

1.5 Semantic Steps 

The theory of semantic steps in Semiotic starts from the fact that there are objects, 
properties and relations which belong to objective reality approached to as a knowledge 
field. 

The objects of the first step which have a corresponding formalization in an object 
language, constitute the so - called zero steps. 

The languages from the second step on, will be called metalanguages and they serve 
to the formalization of objects on superior steps. The objects, properties and relations 
of the zero step form the basis of the whole sequence of steps of human knowledge 
However, from the theory of types, it follows that any property belongs to a higher 
step than the objects having that property. 

1.6. The Intention And Extension Of Notions 

Any notion has two fundamental determinations which are connected, namely the 
extension and the intension of the notion. 

Notions reflect classes of things. The reflection of a class of objects in a notion is 
called notion extension. 

The intension of a notion means the abstract reflection of the invariable properties 
and relations of a certain class of object. 

1.7 Immediate Inferences. Syllogisms 

Immediate inferences or inferences lie in obtaining a new sentence from a single 
proposition. According to Aristotle a syllogism consist in inferring a sentence from 
other two sentences. 

1.8 Arborescent Graph. Taxonomy 

An arborescent graph is a particular graph in which there is a peak called root, so that 
any peak of the graph of the graph is linked with S by a unique route. 

The arborescent graph is also known as tree. Taxonomy or taxonomic arborescent 
graph is a graph in which there are inherited proprieties. 
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The construction of a taxonomy enables the system to know that an element has, 
besides its own properties, the properties of all its precursors in the graph. Taxonomy 
is used for a hierarchized graph. 

1.9. The Relationship Between Structure And Genesis 

Structural analysis constitutes a starting point to a historical analysis and from a genetic 
perspective, structure itself becomes comprehensive; the dialectic method is seen as 
unity of structural - functional analysis of historical - genetic analysis implying the study 
of the origin and evolution of the corresponding structures as the historical product of 
a self-governing equilibrating process, structural coherence emerging not as static reality 
but as dynamic virtuality. 

Structural analysis correlated with historical - genetic analysis explains the transition 
from one structure to another. 

Each system has a definite structure that includes the resources of surpassing itself. 

1.10. The Knowledge Basis 

The knowledge basis can be considered as a n - dimensional topological space, on 
which a geometry can be defined and within it concepts of open sets and contact 
neighbourhood, frontier, continuity and topological transformation are operand. 

The metric space of the knowledge basis should not be limited only to the level of 
forms detected in the real space but to that of notions. 

The information stored in the knowledge basis must be organized in sets or classes 




Fig.l. Generalized arborescent hyper graph (taxonomy) 

(Oik); fhe totality of classes forms the knowledge or the references structure of 
intelligent systems, there being the relation: 
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Oik n 0 ,,, = d) 



( 2 ) 



for any 0^^, Ojk+j, where 0 is a void set. 

In real conditions, relation (2) is not observed and the class delimitation is vague, 
the sets defining the classes are "fuzzy” in Zadeh's opinion or "fluid" according to the 
definition given Gentilhome. 

The classes {Oi^} in the knowledge basis are not equivalent, there being a level 
sequence of classes of increasing power beginning with the uniques and ending with the 
reference set {Oqo}. 

An algebra of relations can be defined of the knowledge basis for the forms of 
intellectual activity; the relations can realize an application of the knowledge basis in 
the knowledge basis enable its description under the form of a graph. 



2. Modelling Syllogistic - Inferential Processes by Diachronic 
Syllogistic Structures 

2.1. Methodological Principles 

1° The principle of convergence to "Axiomatic One". Any structure tends and 
converges ascending to "Axiomatic One" which is associated to the object Oqo (fig. 1). 
2° The principle of "Sufficient Divergence". Any structure as descending divergent on 
an unlimited number of levels; for it to be intelligible, a finite number of descendence 
levels is sufficient. 

2.2. Generalized Syllogistic Hyper Graph 

The generalized syllogistic graph represents the model of the most general diachronic 
structures, constituted of structure - diachronic cells; it is elaborated by superposing 
three arborescent structures: 

1) of properties 

2) of diachronic and synchronic relations 

3) of objects 

2.3. The Diachronic Space 

Descartes was the first to raise the problem of the coordinate besides of space and time. 
This paper introduce an extra coordinate besides space and time, namely diachrony, and 
we shall name diachronic hyper Cartesian space the limitless ensemble of diachronic 
levels, consisting of a sequence of levels (Nj); each diachronic level has a corresponding 
"step" in the becoming of the UNIVERSE. 

The references system of diachronic space contains the axes of diachrony and 
syncrony. 
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The axis of diachrony represents the history of the becoming UNIVERSE, and the 
axis of synchrony represents UNIVERSE S existing in space time. 

2.3.1 The universal parameters of diachronic space 

The diachronic space is characterized by the following universal parameters: 

1 ° - diachronic levels (Nj); 

2° - the quantity of information corresponding to level (Ij); 

3° - level probability (Pi); 

4° - equivalence class or level cardinal number (Uj) 
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According to the principle of "SUFFICIENT DIVERGENCE" the last level in the 
"SUFFICIENT" number of levels, will be associated to the zero step from the theory of 
semantic steps (Nj). 

Considering the objects on the diachronic levels to be sets, applications: IIi:U — ^U/p, 
defined by IIi=pj, where U is an universe (a set of sets), Pj are unique equivalences 
specific to named cannonical projection of equivalences pj. 

Each diachronic level has a corresponding class of equivalence, therefore a cardinal 
number 

According to the principle of convergence to "AXIOMATIC ONE", the limit of the 
cardinal numbers row tends to "ONE". 

As cardinal numbers are classes of equivalence, which imply binary equivalence 
relations defined in Cartesian spaces, the diachronic space constitutes a "hyper 
cartesian" space. 

2.4 Structural diachronic cell 

The structural diachronic cell will be defined as a minimal quadri - property, three - 
objects, three - relation set (fig. 2). 

Mathematically, the structural - diachronic cell is defined as the set of the three 
minimal property - object - relation sets, as follows: 






/-1A:’^/A:+1 /-1A:’^/A: /A:+l^^ 



( 4 ) 
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The structural diachronic cell can be modelled mathematically by three elementary 
matrices: 



1.- the property - elementary matrix 




k 



P 



z+l 



p 



i+l A:+l-‘ 



( 5 ) 



2. - the object - elementary matrix 



^ik kA 



( 6 ) 



3. - the relation - elementary matrix 

% % 

^^ik i-\k i-lk 



( 7 ) 



2.5 The triangle of the three logic principles 

From figure 2 the structural - diachronic cell it can be noticed that being given a 
precursor object (a UNIVERSE or a set of sets), it can be divided into two and only 
two successor objects, and Oj^+i (two sets of sets) according to the principle of the 
"excluded tertiary "so that the two descendant objects (successor) should necessary be 
in a relation of contradiction according to the principle of the "EXCLUDED 




Fig. 2 Structural - Diachronic Cell 
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CONTRADICTION"; leaving aside property between the two (resulting) objects 
there is a relation of equivalence according to the "IDENTITY" principle (fig.3). 

2.6 Diachronic interpretation of the definition 

In mathematical logic, the notion of definition was introduced by the symbol "=d/' 
placed between two symbolic expressions, specifying that the two symbolic expressions 
are represented by the term "defmiens" and the term "defmiendum". 

The notion of definition was accepted in mathematical logic in a vague and 
unprecise manner. 

B. Russel had to affirm "the definition is not definable and it is not even a definite 
notion". 

We shall consider that the sign "= 0 /' as a sign of definition is a relation between the 
expression that defines (defmiens) and the defined expression (defmiendum), relation 
which can be true or false. 

Assimilating "genus proximum" with the object and "differentia specifica" with 
the property (in the syllogistic hyper graph) and denoting definiendum by D and 
definiens by d, the definition relation: 




Fig. 3 The triangle of the logic principles 
D=of d, can be interpreted in the following way 

Oik=DPi-ik 5 if all the elements of the objects 0;^ have the property Pj^ (fig.4). 

It can be noticed from fig.4 that the definition implies 2 diachronic levels (Nj.i, N^), 
two objects (Oj.ik and Oj^) and a property Pj^ and it has an ascendent direction. 
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Fig. 4 Diachronic interpretation of the definition 
2.7 Quadri Dimensional Interpretation of Syllogisms/Inferences 

Let us consider the following inferences/syllogisms. 

1 . If all spruce firs are Plants an if all Plants are Organisms then all the spruce firs 
are Organisms. 

2. If all the Philosophers are People and if all the People are Social Beings then all 
Philosophers are Social Beings, by replacing the notions comprised in the two 
inferences by symbols, the general inferences shall be obtained: 

If all S are M 
and if all M are P 
then all S are P. 

Associating the notion ALL by a cardinal number or an equivalent class, it results 
that notions S, M, P, can be associated with a sequence of three objects (Oi.y, O^^, Oj+i^) 
in a diachronic structure (fig. 5). 

From fig.5 it results that the general inference can be interpreted quadri 
dimensionally as it implies: 

1 - three diachronic levels: N,.|, Nj, Nj+j; 

2 - three objects: 0„ik, 0;^, 

3 - three properties: P,ik, Pik, Pi+ik; 

4 - three relations: SaM, Map, SaP (a the vowel in "afirma" wich replaces the notion 
’’are”). 

The general inference can be stated as follows: if all the elements of the object Oj+i^ 
(set) on the diachronic level Nj+i have the property P,+ik? and if all the elements of the 
object Oik (set) on the level N| have the property Pj^ then all the elements of the object 
0,+i k have the property Pj.i k- 
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Fig. 5 QUADRI-DIMENSIONAL 
interpretation of the syllogisms/inferences 



Therefore, the syllogism can be represented by a taxonomic arborescent structure 
in which the elements posses beside their own proprieties all the proprieties of the 
precursor in the graph. Returning to the two concrete inferences and writing down: 

Pruce trees - M Philosopher - F 

Plants - P and respectively People - Man 

Organisms - O Sociable beings - FS; 

we shall obtain the following diachronic structures respectively QUADRI 
DIMENSIONAL interpretations (fig.6). 




Fig. 6 Diachronic structures 
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By assimilating notions to object classes, syllogistic figures, respectively 
Aristotelian syllogistic modes can be modelled, using the graph theory. To each 
syllogistic mode it corresponds a mathematic model wich is represented by an oriented 
graph of binary three type arborescent structure (graphs of syllogistic figures No 1). 

From the analysis of the representation by graphs of syllogistic modes corresponding 
to Aristotelian syllogistic figures it can be noticed that a syllogism in a diachronic 
structure occupies three and respectively four diachronic levels (Nj.i, Nj, Ni+i, N.. 2 ), 
among the objects on the various levels the following relations being established: 

1. direct diachronic relations > binary relations between two objects on two 
successive diachronic levels (9*1 j.j 

2. transcendental diachronic relations - binary relations between two objects which 
are not on two successive diachronic levels (e.g. 9li+i ^ Mk); 

3. synchronic relations of contradiction - binary relations between two successive 
synchronic objects to the same diachronic level (R,k,ik+i)j 

4. The QUADRI DIMENSIONAL interpretation of each syllogistic mode implies 
by necessity the existence of a number of diachronic levels, properties, objects and 
relations (Table 1 corresponding to the four Aristotelian syllogistic figure 1). 

E.g. the Barbara syllogistic mode implies three diachronic levels and the perpetual - 
objectual -relational interpretation: 



9^1 O.j^ @ 



^3 

F.-Mf, 






i-l,k 

=>P 



( 8 ) 



- the BARBARI syllogistic mode implies 4 diachronic levels and propertual - 
objectual - relational interpretation: 






Conclusions 

1 . In elaborating a Universal Knowledge Basis it is necessary to associate notions 
and concepts with the objects (Qik) of the generalized syllogistic hyper graph. 

2. The actual (PJ, aprioric (Pj.i k) aposteriori (P,+k) properties correspond to the 
objects on the diachronic levels; the properly ordered sets of properties, objects and 
relations constituted in syllogistic rows correspond to a route in the generalized 
syllogistic hyper graph. 

3. The structure of the generalized semantic network of objects demands a 
hierarhical organization of objects (concepts, notions) by a generalized, taxonomic 
arborescent structure. 
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Concepts, notions and scientific assertions are currently presently in an entropic and 
redundant manner, making it difficult for the human brain to learn and understand them 
and at the same time impossible to implement them in Intelligent Systems, respectively 
in Artificial Intelligence. 
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Abstract. This paper deals with a complete and correct method to compute how 
many plans exist for an assembly or processing task. Planning is a NP-hard 
problem and then, in some situations, the application of time consuming search 
methods must be avoided. However, up to now the computation of the exact 
number of alternative plans for any situation was not reported elsewhere. Notice 
that the complexity of the problem does not depend on the number of involved 
operations, components or parts. The complexity of the problem depends on the 
topology of the precedences between operations. With the method presented in 
this paper, it will be easy to decide the search method to use, since we know 
how many possible plans could exist before applying the search method. 



1. Introduction 

In our previous work on the generation of plans for assembly and manufacturing tasks' 
[2 - 4] we used precedence graphs as a structure to represent the involved process. 
Precedence relations are obtained from constraints. For manufacturing tasks, the main 
constraints are the process, feasibility and geometric constraints. The constraints 
imply precedence relationships to guarantee that operations will be executed in the 
correct order. 

In precedence graphs, the manufacturing or assembly operations are the nodes 
while the precedence relations between operations represented by directed arcs. In this 
way, we can represent very complex assemblies or manufacturing processes without 
any combinatory explosion problem in the graph representation since in these graphs 
the number of nodes is equal to the number of operations. This is important because in 
some other representation structures (e.g. AND/OR graphs [5]) there is a huge amount 
of nodes when the number of involved operations increases. However, notice that 
independently of the used representation the number of the possible plans to execute 
the task is the same. 



" Readers interested in a classification of Assembly and Task Planning may consult reference 
[!]• 
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Although precedence graphs are unable to represent all possible sequences (e.g. 
mutually exclusive chains), if one sequence is represented, then all feasible plans can 
be generated. Due to the complexity of the problem (planning is a NP-hard problem 
[6]) a great amount of time may be necessary to generate all plans for a specific task. 
For this reason, we decided to implement several algorithms to generate plans using 
precedence graphs. 

One possibility is to generate all plans, but this can be a time consuming work when 
a great amount of plans exists. Notice that the number of plans does not directly 
depend on the number of operations, precedence relations, and parts. With one million 
of operations represented by a sequence of nodes there is only one plan, while with 
only 10 operations without any precedence (in this case the graph has 10 nodes and no 
arcs) we have 10! (3 628 800) possible plans. Thus, the number of plans depends on 
the topology of the Precedence Graph. 

Another possibility is the use of heuristics for the fast generation of one or more 
plans. Here the quality of the solution is not guaranteed and it is strongly dependent of 
the example being used. However, the generation time is low. 

Nevertheless, a very interesting possibility is the generation of the best plan 
according to time execution criterion. This algorithm takes some more time than the 
previous one but the best solution according that criterion is achieved. It is important 
to say that this algorithm is also able to generate the N best plans (N specified by the 
user). Notice that the best plan according to time execution criterion could not be the 
best according to other criteria (e.g. line balancing, quality, etc) but with more than 
one plan the user may impose other constraints on the achieved solutions. 

As we described before we have three alternative methods: to generate all plans, to 
generate one or more plans quickly, and to generate the best plans according to a 
specific criterion. However, how could we automatically decide which plan generation 
method will be used? As we show before the complexity is not dependent on the 
number of operations or on the number of precedences. For this reason, we decided to 
study and to implement a method to analyze the precedence graph and to compute the 
number of possible plans without the need to generate all the plans. This method 
gives, almost immediately, the correct number of possible plans for the task. 

A very interesting work in this area is presented by Wolter [7]. Several key aspects 
of assembly planning systems are analyzed and evaluated. Although several 
enumerative data structures designed to represent large set of assembly plans are 
described, precedence graphs are not included. Another difference with the work that 
is presented in this paper is that only exact upper bounds on size of each structure 
describe is calculated and not the exact number of plans that could be generated. 
Finally, only assembly plans are considered in Wolter’s analysis. 



2. The Slot-Block Theory 

The calculus of the number of plans is done in a way that reminds how to calculate the 
equivalent resistance of an electric circuit. It is necessary to identify serial operations 
or parallel operations and in each case, we can calculate how many plans with N 
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operations exist. Grouping step by step we will achieve the equivalent, in our case the 
number of possible plans for the task. 




Fig. 1. - Main topological elements of precedence graph 

Notice that here a plan is understood as a sequence of operations. If parallelism in 
the plan execution is allowed then some plans may correspond to the same situation. 




Fig. 2. - Possible plans for precedence graph with 2 parallel branches 

As a very simple example, consider three operations (opl, op2 and op3), 2 
precedence relations (opl before op3, op2 before op3) and 3 machines (one for each 
operation). In this case, the plan {opl, op2, op3} and the plan {op2, opl, op3} are in 
fact the same. However, if we have only one machine for the three operations these 
plans are different and may lead to different execution times. This is very simple to 
understand. For example, consider that the machine has 2 tools (Tx for op2 and Ty for 
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opl and op3) and that Tx is installed on the machine, for this situation the second plan 
is more efficient due to the setup time consideration. 

Fig. 1 illustrates the main topologic elements found in precedence graphs: serial 
operations and parallel branches of operations. As the result of each grouping, we will 
have the number of possible plans (Nplan) with a number of involved operations 
(Nop). 

Fig. 2 illustrates the possible plans for two parallel branches with two operations 
each. The parallel grouping will give as result 6 plans (Nplan = 6) with 4 operations 
and helps to understand the basic idea to obtain the number of plans. In any case, we 
will have 4 operations for the plan since all operations are necessary. Our goal is to 
compute how many plans will exist without generating them. 

The basic idea is to expand one branch on another one. For example considering 
the left branch of the figure we will have three places (slots) where the operations of 
the right branch can be placed (before both operations, between opl and op2 and after 
both operations). These slots are represented by rectangles in the possible plans. 
Generally, if we have N operations in one branch we will have N+1 slots (see Fig. 3). 

Thus, it is necessary to distribute the m operations of the other branch in the n+1 
slots of the branch holding the slots. However, one must remember that the 
precedences in the branch with m slots must be guaranteed. The question here is how 
many different blocks of operations may be placed into the slots. 




Fig. 3. - Slots in a branch 

Table 1 shows the possibilities of distribution of 6 operations grouped by 4 blocks. 
In the table we consider that op, precedes opi+i. 

Theorem: For grouping m operations in i blocks, we will have ^ groups (1) 

Proof: from statistical analysis theory, it is known that if we want to group n 
different elements in k groups, we have n!/(n-k)! groups. In our case, however, since 
the precedences in the branch must be guaranteed, the order of the elements in the 
groups is not important (in fact, only one possible order is allowed). So, the number of 
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possible groups is then n!/k!(n-k)! = (again from statistical analysis theory). In our 

case, with m operations we will have m - 1 transitions from one operation to another 
one and, with i blocks, we will have i - 1 transitions from one block to another. The 
problem resumes, then, to calculate the number of combinations between the possible 
number of places for the transitions (m- 1) and the number of transitions that we must 

have (/ - ^ . 



Table 1. - Grouping 6 operations in 4 blocks 



1 


{op,} {opzl { 0 P 3 } {0P4,0Ps,0P6} 


2 


{op,} {OP 2 } {0P3,0P4,0P5} {OPs} 


3 


{op,} { 0 P 2 , 0 P 3 , 0 P 4 } {OP 5 } { 0 P 6 } 


4 


{opi,op 2 ,op 3 } { 0 P 4 } {op,} {ope} 


5 


{op,} {OP 2 } {OP3,OP4} { 0 P,, 0 P 6 } 


6 


{op,} {0P2,0P3} {OP 4 } {0P,,0P6} 


7 


{op,} {0P2,0P3} {OP4,Op,} {OP^} 


8 


{ 0 P,, 0 P 2 } {0P3,0P4} {op,} {Op6} 


9 


{ 0 p,, 0 P 2 } {OP 3 } {0P4,0P,} {OPs} 


10 


{ 0 p,, 0 p 2 } {OP 3 } { 0 P 4 } {ops.OPs} 



Theorem: For placing the blocks in the slots, we will have possible 

combinations. 

Proof: the i blocks can be placed into the slots. Since we have n + 1 slots, it is easy 
to conclude that for i blocks we have possible combinations. 

Thus, for expanding one branch with m operations, grouped in i blocks, on another 
branch with n operations we have possible combinations. However, since 

the number of blocks i vary from 1 to the minimum between m and « + 7, the total 
amount of combinations of operations in two parallel branches is: 

^ C combinations (subplans) with n+m operations. 

i=\ 

The used reasoning was to expand the branch with m operations on the branch with 
n operations. The inverse reasoning could be used (to expand the branch with n 
operations on the branch with m operations). This corresponds to the right-hand side 
of the following expression that can be mathematically proved: 



min(n+l,m) 

i=l 



min(m + l,n) 

I 



i-1 



Cm+l 



c 



n-1 

i-1 



For the example of Fig. 2 we have m = 2, and n = 2. Thus, the number of possible 
plans with these 4 operations is given by: 



min(«+l,m) 2 

^ cy'c,v = £ cf c;_i = cf ci + Cjc; = 3 * 1 + 3 * 1 = 6 

/=1 /=1 
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The first product of the sum corresponds to the possibilities of grouping in one slot 
(3 possibilities: before opA and opB; between opA and opB; and after op A and opB) 
the two operations of the right branch in one block (only one {opC,opD}). This part 
corresponds to the following plans (the 3 first plans of Fig. 2): 1 - {opC, opD}, opA, 
opB / 2 - opA, {opC, opD}, opB / 3 - opA, opB, {opC, opD} 

The second product of the sum corresponds to the possibilities of grouping in two 
slots (3 possibilities: using the first and second slots; using the first and third slots; and 
using the second and third slots) the two operations of the right branch in two blocks 
(only one {opC}, {opD}). This part corresponds to the following plans (the three last 
plans of Fig. 2): 1 - {opC}, opA, {opD}, opB / 2 - {opC}, opA, opB, {opD} / 3 - 
opA, {opC}, opB, {opD}. 



3. The Parse Tree 

In order to compute the total number of possible plans of a precedence graph we must 
group operations in serial and parallel until the equivalent has been obtained. A parse 
tree is built to drive the grouping process. 




Fig. 4. - an example 

Let us consider an example for making the object shown in Fig. 4, involving 12 
operations, starting with an aluminum cylinder. A lathe can be used to perform the 
necessary processing operations. The surface of the cylinder must be uniformly 
adjusted and some facing and turning operations are necessary. By default, we do not 
know the order by which the operations must be done. The sequence of operations will 
be obtained by the feasibility and geometric constraints between parts and tools. There 
are also some processing constraints. 

The precedence graph for the above example is shown in Fig. 5, considering all 
feasibility, geometric (e.g. operation 1 must be done before operation 2) and 
processing constraints (e.g. for this type of material we must adjust the surface before 
starting turning). 
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The parse tree for this graph is illustrated in , where the terminal nodes are the 
operations, p represents parallel operations and s represents serial operations. The 
parse tree defines how to proceed in the grouping process to obtain the total number 
of possible plans. For this example, the number of possible plans is obtained as 
follows: 

• for parallel of {op5, op6}, n=l, m=l (let us name it as a) 

min(«+l,w) 1 

^ ^ c,^c° , =CfC° =2*1^2 

/=1 /-I 



this means 2 plans (a ^ 2) with 2 operations (m + n = 2) 

• for parallel of {op3, a}, n=l, m=2 (let us name it as p) 

= =«*C,'Co +C 2 C,' =2*(2*1 + 1*1) = 2*3 = 6 

/=! 



this means 6 plans (P = 6) with 3 operations (n + m = 3). 

Notice that it is necessary to multiply the sum by a, since the sum represents the 
possible solution for 1 plan of the a branch; however for a we have 2 plans. 

• for the serial operations op2, op4, and those of , we have the same number of plans 
than in p, but with 5 operations, since the p parallel has 3 operations 

• for parallel {op8, s(op2, op4, p)}, n=l, m"=5 (let us name it as x) 

/?*^C,^C/_, = = y?*C,^Co +C 2 C/ =6*(2*1 + 1*4) = 6*6 = 36 

/=1 

this means 36 plans {% = 36) with 6 operations (m+n == 6) 
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• for parallel of {op7, %}, n = 1, m = 6 (let us name it as 6) 

2 

= z*C^Co+C2C,^ = 36 *( 2*1 + 1 * 5 ) = 36*7 = 252 

/=1 



this means 252 plans with 7 operations (n + m = 7) 

for the serial operations opl and those of 8, we have the same number of plans of 8, 
but with 8 operations, since the 8 parallel has 7 operations 

for the serial operations op9, op 10 and opll we have only one plan with 3 
operations 

for parallel of {s(op9, op 10, opll), s(opl, 8)}, n=3, m=8 

4 



1 He ^ ^ CfC/., ==5^ C^Cl + ClCl + CtCl + ClC 



1 _ 
3 ~ 



/=] 



= 252 * (4 * 1 + 6 * 7 + 4 * 21 + 1 * 35 ) = 252 * 165 = 41580 



Therefore, since this is the last grouping, the total number of possible plans for the 
task is 41 580. 

Once the number of plans has been achieved, one may decide which policy to use 
in order to generate the plans. If the number of plans is reduced then the generation of 
all plans is possible in order to give to the user the possibility to choose by him in a set 
of few solutions. If the number of plans is high then one may decide to adopt one of 
the following policies: the fast generation of N plans or the generation of the best N 
plans according with the time execution criterion. In this way, the user will have the 
possibility to analyze only a small number of good possibilities. The experience shows 
that usually the best plan to achieve a compromise of constraints is in the set of the 
best plans according to the time execution criterion. 
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4. Execution Plan 

The plan generation is achieved considering all precedence relations (obtained from 
constraints) represented by the graph and the policy chosen as described in chapter 3. 
Note that, in this case, only feasible plans are generated. 

The algorithm used to generate the plan (see [2] for more details) consider, for each 
operation, the time needed for each operation as well as the time for changing from 
one operation to another (e.g., change the tool, wait a certain time before a specific 
operation due to the involved process and so on). In this algorithm, the configuration 
of the manufacturing system is also considered, since the sequence of operations is 
important due to the time needed for changing from one operation to another. 

Then it is possible to select the best plan (if that policy was chosen) considering 
time execution as criterion, since all times involved in the operations, tools' changing 
and setup are considered. In the example, as the number of different operations is 
small and the number of total operations is bigger, the main problems (concerning 
choice of best algorithm) are not the operations time, but the tools' changing and setup 
times. This is why the best plan is the one that minimizes the number of tools' 
changing operations and times needed to move tools from one operation to another. 

The next step is the generation of the program. The configuration of the 
manufacturing system must also be considered, since programs should be generated 
for each machine. This corresponds to the areas of Computer Aided Process Planning 
and CAD/CAM. The reader can find some good references of this kind of works in [8- 
12 ]. 



5. Conclusions 

In this paper, we have presented a method for computing the complexity of a 
precedence graph for manufacturing or assembly tasks. As the core of the method we 
created the slot-block theory, that allows to group branches of precedence graphs in 
order to know how many possible combinations of operations (subplans) exists. A 
parse tree defines how to proceed in the grouping process to obtain the total number 
of possible plans of a precedence graph. 

The method presented in this paper is implemented in software. Using the software 
one can rapidly obtain the number of plans of a specific precedence graph, and decide 
which plan generation algorithm to use. The decision about which algorithm to use 
depends on the total number of plans as well as on the purposes of the planning system 
(on-line versus off-line, strategic versus tactical or reactive). 

This work shows the impact of Information Technology on industrial processes. 
Besides the computer aided process planning part of our work that is not described 
here (see references [2 - 4]) we introduced a new method for the complexity analysis 
of precedence graphs. 

Further work on this method will be to consider several resources to execute the 
manufacturing and assembly task. In this case, some different plans are equivalent due 
to the parallelism during task execution. Temporal reasoning is important for this kind 
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of study. Another future direction is the integration with work being developed in the 
area of production planning and scheduling [13-14]. 
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ABSTRACT Recently a randomized algorithm based on Davis and 
Putnam Procedure was designed in [16] for the purpose of solving the 
satisfiabilty problem. In this letter another Monte Carlo algorithm 
following from an original algorithm [4] is proposed. The average per- 
formance of the algorithm is polynomial and the probability that the 
algorithm fails to yield a correct answer for some data is less than e. 
Results are compared with those given in [16] and show an interesting 
performance for our algorithm. 



1 Motivation and preliminaries 

The satisfiability problem or SAT for short is of special interest be- 
cause it has many applications notably in theorem proving, auto- 
mated reasoning etc... Since SAT is NP-complete, a great amount of 
research works tempt to lessen the difficulty of the problem. Cook 
in the second Turing Award lecture on Computational Complexity 
has recommended the use of probability to palliate the combinatory 
explosion of NP-complete problems [1]. Probabilistic algorithms try 
to bring an answer to the intriguing open question whether P=NP. 
The class of problems solved by this type of algorithms in poly- 
nomial time is called RP(for Random Polynomial). We know that 
P C RP C NP assuming P / NP. If we can prove P = RP and 
show that any given NP-complete problem is in RP then we con- 
clude P — NP. Unfortunately both of these premises are still open 
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questions. The results given in [6,11] , when combined all together 
yield that no polynomial average time algorithm exists for the re- 
gion c(^) 2 < p < (^^)2 where k <n^^n and k being respectively 
the number of variables and the number of clauses of the instance, 
c and t are constants and p the probability that a literal appears in 



a clause. The findings in [4] improve these results in the sense that 
this region is reduced to c(l^)2 <p < (1 — r~)2 for SAT-instances 
and in case r < (1 — where r is the largest length of clauses 



and b a constant. 



Perhaps, the most known algorithm for solving satisfiability is the 
Davis and Putnam procedure or DPP for short. Randomized Davis 
and Putnam procedure exists in the literature [16]. The author in the 
specified paper takes advantage of previous results on probabilistic 
analyses of DPP especially those described in [6] and proposes a 
randomized approach for solving SAT. The expected performance of 
this algorithm is polynomial to n. 

The present study represents a logical continuation of the work 
presented in [4]. A randomized algorithm with a polynomial average 
time complexity is developed for SAT. For a subset of instances, the 
algorithm yields the right answer whereas for the remaining ones, it 
may be defective and produce a result with a probability of failure 
not exceeding e. The results of the algorithm is compared to those 
of [16] and show a better performance. 



1.1 The satisfiability problem 

Let [a:i,a;2, ..-,Xn] be a set of Boolean variables. The set of literals 
is then [a;i,a:2, ...j^n]? denotes the negation of X{. A 

clause is a Boolean disjunction of literals. The length of a clause is 
defined to be the number of literals involved in the clause. A set 
of k clauses over n variables represents an instance of satisfiability, 
namely SAT(k,n). Vi denotes the length of the i^^ clause. When all 
clauses have the same length equal to r, the instance is denoted 
r-SAT(k,n). An example of an instance of satisfiability can be: 

(Xi -hX2 +X5)(xi -\-X2)(x2 +X4)(xi +X2+Xs){xi +X2+X^+X^) 

This instance is denoted SAT(5,5). A solution to SAT is an as- 
signment of Boolean values to variables such that every clause is 
satisfied. {x\ = 0,X2 = O^xs = 1 ^x 4 = 0,^5 = 1) is a solution for the 
instance given in this example. 
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1.2 The Probabilistic model 

The probabilistic model considered in this paper is the known con- 
stant density model M(fc, n,p) due to Goldberg [9] and used in many 
papers such as [6,7,10,11512,13,14]. A clause is constructed by includ- 
ing a positive literal with probability p (p < ^), a negative literal 
associated with the same variable with the same probability. 

Let us consider two different clauses Ci and Cj . A variable in either 
positive or negative form appears in both clauses with probability 
equal to and appears in none of the two clauses with probability 
equal to (1 — p)^. It appears in just one clause, in either Ci or c^-, 
with probability equal to 2p(l — p). Hence the probability that a 
variable does not appear simultaneously in both clauses is equal to 
2p(l - p) -f (1 - p)^ = 1 - p^. 



2 The Monte Carlo algorithm 

The randomized algorithm presented in this section derives from an 
algorithm, namely E-SAT for counting and checking satisfiability de- 
signed recently [4] . It is worth describing the latter even in a succinct 
way. 



2.1 Algorithm E- SAT 



Algorithm E-SAT responds to the decision satisfiability problem. 
The clauses of the instance of satisfiability are put in a matrix, 
namely A. A cell of A may contain a literal of a clause or be empty. A 
is then converted into another equivalent matrix B whose cells hold 
terms, which are conjunction of literals. The format of these terms 
allows the enumeration of solutions of the instance. The example 
below illustrates the conversion of the instance given in the previous 
example. 



Xi 


X2 


^5 


Xi 


^2 


— 


X2 


X4 


— 


Xi 


^2 


^3 


Xi 


X2 


^3 



Each row of A represents a clause. The symbol — denotes an ab- 
sence of literal. Let us modify A as follows: 
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Xi X\X2 X\X2X^ — 

Xi X1X2 - - 

B = X2 X2X4 — — 

Xi X1X2 X1X2XS - 
Xi X1X2 X1X2XS XiX2X^X4 

B[i^j] is the conjunction of A[2,j],... ^A[i—l,j] andA[i,j]. 

A row of B can be viewed as an ORing of Boolean terms or in 
other words as a disjunctive form. The fourth row of B for instance 
holds the Boolean expression xi + X 1 X 2 + xiX 2 X^ where + denotes 
the OR Boolean operator. The equivalence between a row of B and 
its corresponding row in A can be proved using the absorption law 
of Boolean algebra {x + xy = x + y). 

Algorithm E-SAT proceeds by crossing matrix B in a depth-first 
order. A vertical path corresponds to a term obtained by merging a 
term from each row of B. The term if non null, that is, if it does not 
involve a variable in both positive and negative forms, represents a 
group of solutions. 

Algorithm E-SAT 

INPUT: an instance of satisfiability 

OUTPUT: ’Satisfiable’ if the instance is satisfiable, ’unsatisfiable’ 

otherwise 

METHOD: It is described by the following steps: 

1- Preprocess the instance clauses [3] and put them in 

matrix A 

2- convert matrix A into matrix B as it is shown in the example 

3- cross matrix B in depth-first order 

4- when a non null final term is found, output ’satisfiable’ and stop 

5- if no non null final term exists then output ’unsatisfiable’ and 
stop 

The preprocessing of instance clauses is discussed in [4] and con- 
sists in rearranging positions of literals and clauses in order to cut 
off early potential non solutions paths and then finding a non null 
solution path faster. In fact, literals are placed from left to right 
according to the decreasing order of their frequency in the instance. 
Such placement guaranties early abortion of non solutions paths dur- 
ing the search. 

The main program of E-SAT consists of a call to procedure satis- 
fiable. 
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var satisf : Boolean; 

begin 

satisf — false; 

if satisfiable({},l) then output (’satisfiable’) else output (’un- 
satisfiable’) 

end; 

procedure satisfiable( var S: set of literals; i: integer); 

begin 

j — 1; 

while {j < Ti) and ( not satisf) do 

begin 

if S non null then 

M i = k then satisf := true else satisfiable(5,i + l); 

3 ~ 3 + 1; 

end 

return(satisf) 

end; 

5, the first parameter of procedure satisfiable holds a partial so- 
lution path. When it becomes null after the insertion of a term, we 
suppress the latter from S and add the next one according to the 
depth-first order. The process is iterated until finding a solution or 
reaching the end of the search. 

It has been shown that the average time complexity of algorithm E- 
SAT is 0{kr'^) for the class of SAT(k,n) instances verifying p > (1 — 
r“ ) 2 , where r is the largest length of clauses, m and b are constants 
and b = [4]. The originality of this algorithm comes from 

the fact that its performance is polynomial for a class of instances 
depending on r unlike the previous works where this class is defined 
by the parameter n and k. 
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2.2 Algorithm rand-SAT 

The randomized algorithm, namely rand-SAT is based on E-SAT. It 
chooses at random m vertical paths and tests whether they corre- 
spond to groups of solutions whereas in E-SAT, the search for solu- 
tions paths is dictated by the depth-first order. Since in rand-SAT a 
limited number of paths are tested for possible solutions, the answer 
may be mistaken. In compromise the reduction of consulted paths 
makes the algorithm run faster. In E-SAT all paths are checked until 
finding out a non null term or exploring all the alternatives. This 
yields an exact solution with an exponential time complexity for 
some cases. 

Let us now turn to the details of rand-SAT. If one of the vertical 
paths chosen at random from B corresponds to a non null term 
thus to groups of solutions, the algorithm outputs ’satisfiable’ and 
stops. On the contrary if none of the drawn paths denote a group of 
solutions, the algorithm outputs ’unsatisfiable’ and the probability 
of making an error is e. 

Algorithm rand-SAT 

INPUT: an instance SAT(k,n) and e a probability of making an 
error 

OUTPUT: the right answer ’satisfiable’ or a likely mistaken answer 

’unsatisfiable’ with probability of failure equal to e 

METHOD: it is described by the following steps: 



1- Preprocess the clauses and put them in matrix namely, A 

2- convert matrix A into matrix of type B 



3- set m = 



Ing 



ln(l-(l-p2) 



(2r-f-l)fc(fc-l) 



4-for 2 = 1 to m do 

4.1 choose at random from B a vertical path 5 = ci, C 2 , ..., Cj, .., Cfc 
1 < Cj < Vj 1 < i < fc, then sol = B[l,ci]B[ 2 ,C 2 ]...B[k,Ck] 

4.2 if sol is non null then (* if sol does not involve opposite 
literals*) 



4.2.1 answer ’satisfiable’ 

4.2.2 stop 

5- answer ’unsatisfiable’ with probability of failure equal to s 

6- stop 
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2. 3 Probability of error and polynomial average time 

The probability of error that may be produced by algorithm rand- 
SAT is specified by the following theorem. 



Theorem 1 Let m be the number of iterations of the loop in rand- 
SAT. If m > ^^f; 4 -i)fcrfc-T T probability that algo- 

ln(l-(l-p2)^ 

rithm rand- SAT yields an incorrect result is less than e. 



Proof Let S — {ci,C 2 , be a vertical path 1 < Cj < rj 

l<J<k. The probability that a path S is non null is given in [4] 
by the formula: 






fc fc 2 — i 1 /I 1 \ 



,2V=2 



=2 i=l 



The probability that it is null is equal to 



k k i-1 



E(*-i)ci+EEci-^^ 



And the probability that m generated paths are null is 

k 

E( 

(1 - (1 - p2)«=2 



fe k i 1 L, / L. 1 \ 

Eb-i)ci+EEc,-^^ 

i=2 j=i yn 



If all the m drawn paths are null whereas the instance is satisfiable, 
rand-SAT fails to answer correctly with a probability equal to 



K K l—L , ,, 

E(i-i)ci+EEyi-^ 



(l-(l-p2)i=2' ''i=2i=i^ " yn < 1)^, 

where r is the largest length of clauses. 

Let prove now that 



m > 



ln(l-(l-p2) 



/ / (2r+l)fc(fc — 1) ^ 

(2r+l)fe(fc-iT ~ (1 — (1 — P ) 2 ^ € 



Ine 



m > 



ln(l-(l-p2) 



Ine 

(2r+l)fc(fc- 



Ine > 7nln(l-(l-p^) 2 ) 
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Let show now that the average complexity of rand-SAT is polyno- 
mial. 



Theorem 2 rand-SAT takes polynomial time on average. 



Proof We will prove that the average number of iterations of 
the loop of rand-SAT is polynomial when p < (1 — r“b). When 
p > (1 — r“b), rand-SAT is polynomial since E-SAT is polynomial. 



Let m — 



Ine 

(2r+l)fc(fc-l) 



ln(l-(l-p2) 



) 



If s = then 



m = 



Ine 



ln(l-(l-p2)s) 



ln_e 

ln(l-(l-(f)(p2)+(D(p2)2 _...)) 



ln£ 

In((f)(p2)-(|)(p2)2 +...) 



+ ■■■< iW) + (i)(pV 

^ < Iforio > ^ = twhenp < 

^ 2—r o 

< <i)ipy < 



m < 



Ine 



Ing 



21n5+t ln(p2) 



< 



Ing 



Ing 



< 



Ing 



21n5+tln(l-r 2 lnr+41n fc+t ln(l-r i) t\n{l-r i) 



□ 



It is easy to see that the expected performance of rand-SAT, which 
is polynomial is interesting knowing that the average complexity 
of the randomized algorithm presented in [16] is O(k^), /? being a 
constant. 
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3 Conclusion 

A Monte Carlo algorithm, namely rand-SAT, for solving the satisfi- 
ability problem is presented in this paper. Its average performance 
is compared with previous works in the literature and denotes an 
interesting behavior of the algorithm. 
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